VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zmizel Antivirus, nelze znovu naisntalovat.

https://forum.viry.cz:443/viewtopic.php?t=156699

Stránka 1 z 2

Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 03 led 2020 23:28
od zuznay
Zdravím, dnes jsem si všimla že zmizel antivirus (ESET), nelze ho znovu nainstalovat. Nainstalovala jsem Malwarebytes smazalo to toho spoustu, ale problém přetrvává.

logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Administrator_1 (administrator) on DESKTOP-2LUJDH2 (MSI MS-7917) (03-01-2020 23:21:31)
Running from C:\Users\Administrator_1\Downloads
Loaded Profiles: Administrator_1 (Available Profiles: Administrator_1)
Platform: Windows 10 Pro Version 1903 18362.476 (X64) Language: Czech (Czech Republic)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Pub\PubMonitor.exe
(Malwarebytes Inc -> Malwarebytes) D:\DOWNLOADS\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) D:\DOWNLOADS\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Administrator_1\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Administrator_1\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Administrator_1\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Administrator_1\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => "C:\Program Files\ESET\ESET Security\ecmds.exe" /run /hide /proxy
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-12-13] (IDSA Production signing key -> Intel)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Fliqlo.scr [679936 2019-11-09] (ScreenTime Media) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [Debugger] rundll32.exe KMS.dll,PatcherMain

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07CB590E-CD05-4835-ACF3-591200A170AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E3F9677-BF67-4052-95B8-3C62ADBA4454} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {13DD415D-6E3D-4BFA-B2A7-F5D841DDF67C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {16A14A8B-0197-4E01-B60E-86103D6A44DC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1E73895A-FB68-40BB-A730-FED88E7F1BD6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {31CBAABB-2721-4559-91D9-94AF4401C8AE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {31D0587D-327B-4B03-BC0C-50FB4B4B68B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {347C2F30-3C24-44FA-B2F9-8A7A363F3164} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-11-01] (Advanced Micro Devices, Inc.) [File not signed]
Task: {37687884-540B-42C9-9B56-8B90292EDAE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-09] (Google Inc -> Google LLC)
Task: {40CEF2F5-CD59-4629-8A67-EB5C4A283858} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {48138990-D717-469D-8783-496965DD0857} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CF9CDBC-86D4-4907-9046-CFE15918D5A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-09] (Google Inc -> Google LLC)
Task: {84055921-48BC-467F-9C0C-0CB414A4F5E1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {88BD4D61-5F0F-4916-BCA8-3500BE4EE8B8} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-11-01] (Advanced Micro Devices, Inc.) [File not signed]
Task: {89DBEEE9-94C9-4811-8368-91568E2F54EA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {94AA34E4-867A-421D-8FF3-CB38BB3E91C4} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Scheduler.exe [149776 2019-10-31] (IObit Information Technology -> IObit)
Task: {AA68B619-496C-4EB2-A137-09203EA94F83} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {AF09F91D-FDCA-4F0A-9505-EB9EE0AF766A} - System32\Tasks\Driver Booster SkipUAC (Administrator_1) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe [7757072 2019-10-31] (IObit Information Technology -> IObit)
Task: {B198ABD8-F3B4-4422-870D-604D431B6F9A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFDB1C6A-1B28-4F19-BF81-103B93232941} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {C6DB01B5-65FB-48CB-B0BA-32759210ED5E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD1549DA-5757-4160-BCEE-459DF8F0B018} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c184bee4-9402-4a2d-b9c5-d518643f0599}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://photos.google.com/u/1/albums
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default [2020-01-03]
CHR Extension: (Prezentace) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-09]
CHR Extension: (Dokumenty) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-09]
CHR Extension: (Disk Google) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-09]
CHR Extension: (YouTube) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-09]
CHR Extension: (Notifier for Gmail™) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2019-11-09]
CHR Extension: (Tabulky) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-10]
CHR Extension: (Blue/Green Cubes) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iipbjjaibkibpabddphfcgbngfhhfkml [2019-11-09]
CHR Extension: (Grammarly for Chrome) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-09]
CHR Extension: (Gmail) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atiesrxx.exe [509144 2020-01-03] (Advanced Micro Devices, Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [38248 2019-12-13] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [145768 2019-12-13] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-11-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
R2 MBAMService; D:\DOWNLOADS\MBAMService.exe [6960640 2020-01-03] (Malwarebytes Inc -> Malwarebytes)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [204088 2019-08-16] (Intel(R) Software Development Products -> )
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2156368 2019-08-01] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 ekrn; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atikmdag.sys [60671704 2020-01-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atikmpag.sys [598232 2020-01-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [103456 2019-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [145920 2019-03-19] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-10-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-10-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-09-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-10-03] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-10-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77184 2019-10-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [114136 2019-10-03] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [33328 2019-11-15] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-11-08] (Martin Malik - REALiX -> REALiX(tm))
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [145920 2019-03-19] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2020-01-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2020-01-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116832 2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [41816 2019-08-16] (Intel Corporation -> )
R3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [131736 2019-08-01] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [74552 2019-11-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 23:21 - 2020-01-03 23:21 - 000026843 _____ C:\Users\Administrator_1\Downloads\FRST.txt
2020-01-03 23:20 - 2020-01-03 23:21 - 000000000 ____D C:\FRST
2020-01-03 23:20 - 2020-01-03 23:20 - 002272256 _____ (Farbar) C:\Users\Administrator_1\Downloads\FRST64.exe
2020-01-03 22:58 - 2020-01-03 22:58 - 005504960 _____ (ESET) C:\Users\Administrator_1\Downloads\eset_internet_security_live_installer.exe
2020-01-03 22:55 - 2020-01-03 22:55 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-01-03 22:55 - 2020-01-03 22:55 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-01-03 22:55 - 2020-01-03 22:55 - 000116832 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-01-03 22:55 - 2020-01-03 22:55 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-01-03 22:37 - 2020-01-03 22:37 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-01-03 22:37 - 2020-01-03 22:37 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-01-03 22:37 - 2020-01-03 22:37 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-01-03 22:37 - 2020-01-03 22:37 - 000000614 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\mbamtray
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\mbam
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-03 22:34 - 2020-01-03 22:35 - 000000000 ____D C:\AdwCleaner
2020-01-03 22:24 - 2020-01-03 22:24 - 000000000 ____D C:\Windows\system32\appmgmt
2020-01-03 22:17 - 2020-01-03 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2020-01-03 22:08 - 2020-01-03 22:08 - 000000000 ____D C:\Windows\LastGood.Tmp
2020-01-03 22:08 - 2020-01-03 22:08 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-01-03 22:07 - 2020-01-03 22:07 - 001593048 _____ (AMD) C:\Windows\system32\coinst_19.30.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 001073336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 001073336 _____ C:\Windows\system32\vulkan-1.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000930112 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000930112 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000852392 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000852392 _____ C:\Windows\system32\vulkaninfo.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000710056 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000710056 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000122072 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000020392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000020392 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 22:59 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-03 22:58 - 2019-11-09 23:18 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\WhatsApp
2020-01-03 22:55 - 2019-11-13 17:43 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\WTablet
2020-01-03 22:55 - 2019-11-08 20:27 - 000003132 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-01-03 22:55 - 2019-11-07 17:16 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-01-03 22:55 - 2019-11-07 17:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-03 22:54 - 2019-11-08 20:27 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-01-03 22:54 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-01-03 22:40 - 2019-11-10 10:38 - 000000000 ____D C:\ProgramData\KMSAutoS
2020-01-03 22:37 - 2019-11-08 20:33 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\cache
2020-01-03 22:37 - 2019-11-08 20:28 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\D3DSCache
2020-01-03 22:37 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-01-03 22:24 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-01-03 22:22 - 2019-11-25 18:14 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\uTorrent
2020-01-03 22:22 - 2019-11-10 09:00 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\uTorrent
2020-01-03 22:10 - 2019-11-07 17:17 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Packages
2020-01-03 22:10 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-01-03 22:09 - 2019-11-08 20:29 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\IObit
2020-01-03 22:08 - 2019-11-08 20:46 - 000002355 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2020-01-03 22:08 - 2019-11-08 20:25 - 000000000 ____D C:\Program Files\AMD
2020-01-03 22:07 - 2019-11-04 16:29 - 003916504 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 003518168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 001714384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000761560 _____ (AMD) C:\Windows\system32\atieclxx.exe
2020-01-03 22:07 - 2019-11-04 16:29 - 000574888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000493784 _____ C:\Windows\system32\dgtrayicon.exe
2020-01-03 22:07 - 2019-11-04 16:29 - 000485800 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000481192 _____ C:\Windows\system32\GameManager64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000440536 _____ C:\Windows\system32\atieah64.exe
2020-01-03 22:07 - 2019-11-04 16:29 - 000382376 _____ C:\Windows\SysWOW64\GameManager32.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000352984 _____ C:\Windows\SysWOW64\atieah32.exe
2020-01-03 22:07 - 2019-11-04 16:29 - 000349400 _____ C:\Windows\system32\clinfo.exe
2020-01-03 22:07 - 2019-11-04 16:29 - 000242904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000214744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000184768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000179376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000163752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000153504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000139176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000135384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000126168 _____ (AMD) C:\Windows\system32\atimuixx.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000124632 _____ C:\Windows\system32\atidxx64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000107736 _____ C:\Windows\SysWOW64\atidxx32.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000070872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000047552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2020-01-03 22:07 - 2019-11-04 16:29 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 059441064 _____ C:\Windows\system32\amdcomgr64.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 049336744 _____ C:\Windows\SysWOW64\amdcomgr.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000473512 _____ C:\Windows\system32\amdgfxinfo64.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000382368 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000121560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2020-01-03 22:07 - 2019-11-04 16:28 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2020-01-03 22:07 - 2019-11-04 12:28 - 000554696 _____ C:\Windows\system32\amdmiracast.dll
2020-01-03 22:07 - 2019-11-04 12:28 - 000135664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2020-01-03 22:07 - 2019-11-04 12:28 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2020-01-03 22:07 - 2019-11-04 12:28 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2020-01-03 22:07 - 2019-11-04 12:28 - 000120064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2020-01-03 22:07 - 2019-11-04 12:28 - 000108560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2020-01-03 22:07 - 2019-11-04 12:28 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2020-01-03 22:07 - 2019-11-01 21:12 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2020-01-03 22:07 - 2019-11-01 21:12 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2020-01-03 22:07 - 2019-11-01 21:09 - 000555880 _____ C:\Windows\SysWOW64\atiapfxx.blb
2020-01-03 22:07 - 2019-11-01 21:09 - 000555880 _____ C:\Windows\system32\atiapfxx.blb
2020-01-03 22:05 - 2019-11-08 20:46 - 000000000 ____D C:\ProgramData\ProductData
2020-01-03 22:03 - 2019-12-01 22:02 - 000000683 _____ C:\Users\Administrator_1\Desktop\blender.lnk
2020-01-03 22:02 - 2019-11-26 19:24 - 000001487 _____ C:\Users\Administrator_1\Desktop\Discord.lnk
2020-01-03 22:00 - 2019-11-11 13:17 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\CrashDumps
2020-01-03 22:00 - 2019-11-10 09:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-03 21:19 - 2019-11-25 18:14 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\BitTorrentHelper
2020-01-03 13:40 - 2019-11-10 10:47 - 000000000 ____D C:\Users\Administrator_1\Documents\The Witcher 3
2020-01-02 23:08 - 2019-11-07 17:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-28 17:40 - 2019-11-25 11:16 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\vlc
2019-12-21 13:41 - 2019-11-10 10:03 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 21:44 - 2019-11-07 17:16 - 000000000 ____D C:\Users\Administrator_1
2019-12-19 20:36 - 2019-11-08 20:29 - 000000000 ____D C:\ProgramData\IObit
2019-12-18 09:35 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-18 09:10 - 2019-11-09 19:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 18:27 - 2019-11-07 17:28 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2019-12-17 18:27 - 2019-11-07 17:22 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-17 18:27 - 2019-11-07 17:16 - 000000000 ____D C:\Program Files (x86)\Intel
2019-12-16 19:56 - 2019-11-09 23:18 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\WhatsApp
2019-12-16 19:55 - 2019-11-09 23:18 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\SquirrelTemp
2019-12-16 11:40 - 2019-11-08 20:25 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\ElevatedDiagnostics
2019-12-14 20:41 - 2019-11-10 09:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 08:04 - 2019-11-09 19:58 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 08:04 - 2019-11-09 19:58 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-11-10 10:10 - 2019-11-10 10:10 - 000000000 _____ () C:\Users\Administrator_1\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Administrator_1 (03-01-2020 23:22:18)
Running from C:\Users\Administrator_1\Downloads
Windows 10 Pro Version 1903 18362.476 (X64) (2019-11-07 16:11:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3107723246-2406789225-4189533835-500 - Administrator - Disabled)
Administrator_1 (S-1-5-21-3107723246-2406789225-4189533835-1001 - Administrator - Enabled) => C:\Users\Administrator_1
DefaultAccount (S-1-5-21-3107723246-2406789225-4189533835-503 - Limited - Disabled)
Guest (S-1-5-21-3107723246-2406789225-4189533835-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3107723246-2406789225-4189533835-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.11.1 - Advanced Micro Devices, Inc.)
Blender (HKLM\...\{053A73FE-DBF8-4674-8EC0-63BD07615695}) (Version: 2.81.0 - Blender Foundation)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Discord (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.1.0 - IObit)
ESET Security (HKLM\...\{6D46484B-0BE2-4060-9CD3-FA87ED960ED9}) (Version: 13.0.22.0 - ESET, spol. s r.o.)
Fliqlo Screen Saver (HKLM-x32\...\Fliqlo) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{3EAAD5EA-1D87-442D-8426-FD4FCE62119D}) (Version: 19.12.50.5 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{8d174f37-ea1a-4e4d-be82-c10521a3c687}) (Version: 19.12.50.5 - Intel)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.36-1 - Wacom Technology Corp.)
WhatsApp (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\WhatsApp) (Version: 0.3.9309 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-09] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0 [2019-11-14] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3107723246-2406789225-4189533835-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\DOWNLOADS\mbshlext.dll [2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\DOWNLOADS\mbshlext.dll [2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-01-08 13:03 - 2019-01-08 13:03 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-11-01 16:17 - 2019-11-01 16:17 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-11-10 09:13 - 000001027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BEA8971F-4348-4097-A4E6-C2D374CE5453}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{2932C2DA-C11C-48FA-A594-53B7C07CD5EC}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{7D51C0D3-ED06-402D-A412-DFC5B7D7E380}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{44C8B0D6-2A80-438C-A095-764C06143960}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{69022073-09EA-425B-8A0F-D8DF03AA7F9F}] => (Allow) D:\GAMES\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{14E84FB4-5244-4B5C-A684-8575BF4E29F8}] => (Allow) D:\GAMES\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B8015009-FBB5-48C0-B90B-9C6056A9F3C0}] => (Allow) D:\GAMES\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9E79A587-E435-4730-9079-300612625853}] => (Allow) D:\GAMES\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D3743C60-74CC-4627-AD9B-1CB3D10650B0}] => (Allow) C:\Users\Administrator_1\Downloads\utorrent_2.2.1_build_25302\utorrent_2.2.1_build_25302.exe No File
FirewallRules: [{F4097D76-C5FC-48D0-909E-9C89D140C87B}] => (Allow) C:\Users\Administrator_1\Downloads\utorrent_2.2.1_build_25302\utorrent_2.2.1_build_25302.exe No File
FirewallRules: [{DD165D38-A7F4-4DCB-9555-41A3AC6F5BA3}] => (Block) D:\Program Files (x86)\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{2761FBDA-FE86-4E12-8336-A641CDCEF910}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CC 2019\Support Files\Contents\Windows\Illustrator.exe No File
FirewallRules: [{6BA67EAE-72AD-4E4B-898C-7A8999856173}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe No File
FirewallRules: [{01D403B0-5DF0-4621-8385-61723F229EF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{465D28A6-6125-457E-BEB2-680B888AB3C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1374DA3B-5772-4999-852E-59B8253E5794}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEF4C9ED-E51E-4FB7-9C00-B5DC55C18312}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6865B00A-50E9-41F8-86EE-120DAEE5C7EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FCD8688-125E-4E52-847C-67CD84B47113}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{23072AEE-349B-41F2-A711-AE266496D0CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F92094B9-6D3F-4737-A1F3-42443C90D70C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{154F3B07-08B0-4D4E-9BEA-49B641B4C554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A04EB78-0ABF-40ED-803A-06AF470B0D48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26A7B0EA-BB29-4B4F-A51C-0D3A98730E1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F72930E-10F3-48E2-A359-95D47440F77B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{25173E95-F86D-497E-BA89-429159E9988D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4248D5DA-F1CA-442A-873E-E1F688A0A092}] => (Allow) D:\GAMES\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6BF8CF45-90BC-4AF7-9594-108CB35FEEDD}] => (Allow) D:\GAMES\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7CC0F04C-2F39-42F1-8DCB-58A865C35D93}] => (Allow) D:\GAMES\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{EAFC5118-5D48-440F-A2AD-A9C401F478A9}] => (Allow) D:\GAMES\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [TCP Query User{99DAAFF6-6F32-4898-B546-D18117AE958A}D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{D71F8322-F3AE-47DD-B873-0F2409AE8CC7}D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{A5F7B18B-5056-452A-B9E8-3AD2BAD65E38}] => (Allow) C:\Users\Administrator_1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3C60ACFB-9B41-45F9-8570-930687CC95B1}] => (Allow) C:\Users\Administrator_1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1A9A8A13-309C-4070-AAEA-19D120BB4332}] => (Allow) D:\DOWNLOADS\Resolve.exe No File
FirewallRules: [{907E4839-A695-4C3C-9620-9C284049D2EC}] => (Allow) D:\DOWNLOADS\bmdpaneld.exe No File
FirewallRules: [{D733B642-DD0A-4222-AAD6-C463FFF6C7D6}] => (Allow) D:\DOWNLOADS\DaVinciPanelDaemon.exe No File
FirewallRules: [{A59BB4AB-9EF7-496F-9397-781459757DC2}] => (Allow) D:\DOWNLOADS\JLCooperPanelDaemon.exe No File
FirewallRules: [{DF041387-0E0F-4F9D-AEBD-ED6AF6DCFFB9}] => (Allow) D:\DOWNLOADS\EuphonixPanelDaemon.exe No File
FirewallRules: [{A56ED8D3-A812-49CD-BA73-EFC66FB4B5E7}] => (Allow) D:\DOWNLOADS\TangentPanelDaemon.exe No File
FirewallRules: [{C880C5E5-C1D5-47CB-B8F4-89B96D371F2F}] => (Allow) D:\DOWNLOADS\ElementsPanelDaemon.exe No File
FirewallRules: [{987816E5-C7D7-4B15-B4B1-7172396BDBD6}] => (Allow) D:\DOWNLOADS\OxygenPanelDaemon.exe No File
FirewallRules: [{81F928CC-9421-4A1F-BCDF-2938D6E84E00}] => (Allow) D:\DOWNLOADS\DPDecoder.exe No File
FirewallRules: [{9D9B080B-C4DF-4923-9BCA-5B97205EAAA9}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{FC4824E7-FCB9-4A3E-916E-5CB3EF07DF5B}D:\downloads\dpdecoder.exe] => (Allow) D:\downloads\dpdecoder.exe No File
FirewallRules: [UDP Query User{FC1E8E99-1539-46D5-AC2C-213009F35550}D:\downloads\dpdecoder.exe] => (Allow) D:\downloads\dpdecoder.exe No File
FirewallRules: [TCP Query User{B7198C97-9007-4573-B2D3-829819DC3EC5}D:\downloads\resolve.exe] => (Allow) D:\downloads\resolve.exe No File
FirewallRules: [UDP Query User{8E8C7AB8-F6C2-468F-B9E7-39622A7ED57F}D:\downloads\resolve.exe] => (Allow) D:\downloads\resolve.exe No File
FirewallRules: [TCP Query User{59D105B0-C157-41DB-A8E1-F8074258C5B6}D:\downloads\fuscript.exe] => (Allow) D:\downloads\fuscript.exe No File
FirewallRules: [UDP Query User{BCE593AB-1256-4A22-886F-900BD8E2BA94}D:\downloads\fuscript.exe] => (Allow) D:\downloads\fuscript.exe No File
FirewallRules: [TCP Query User{D8F1E589-A345-4EBC-B066-496E1AC20039}D:\downloads\davincipaneldaemon.exe] => (Allow) D:\downloads\davincipaneldaemon.exe No File
FirewallRules: [UDP Query User{AC835C89-EB4C-4028-8C2E-C4FF2003138A}D:\downloads\davincipaneldaemon.exe] => (Allow) D:\downloads\davincipaneldaemon.exe No File
FirewallRules: [{AE6A2CFE-C454-471B-A844-39B7E3AB2484}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-12-2019 18:27:17 Intel® Driver & Support Assistant
02-01-2020 19:14:10 Scheduled Checkpoint
03-01-2020 22:06:35 Driver Booster : Radeon RX 580 Series

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/03/2020 11:01:36 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-2LUJDH2)
Description: Product: ESET Security -- Chyba 1922. Službu 'ESET Service' (ekrn) nelze odstranit. Přesvědčte se, zda máte dostatečná oprávnění pro odstraňování systémových služeb.

Error: (01/03/2020 11:01:03 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-2LUJDH2)
Description: Product: ESET Security -- Chyba 1922. Službu 'ESET Service' (ekrn) nelze odstranit. Přesvědčte se, zda máte dostatečná oprávnění pro odstraňování systémových služeb.

Error: (01/03/2020 11:00:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1783, time stamp: 0x5dbc92d7
Faulting module name: igdrcl64.dll, version: 20.19.15.4531, time stamp: 0x57ed260c
Exception code: 0xc0000005
Fault offset: 0x000000000007a74a
Faulting process ID: 0x33c
Faulting application start time: 0x01d5c28080d650db
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: C:\Windows\SYSTEM32\igdrcl64.dll
Report ID: 4f97971e-0f9b-4932-bfa2-6737934fe34c
Faulting package full name:
Faulting package-relative application ID:

Error: (01/03/2020 10:57:00 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-2LUJDH2)
Description: Product: ESET Security -- Chyba 1922. Službu 'ESET Service' (ekrn) nelze odstranit. Přesvědčte se, zda máte dostatečná oprávnění pro odstraňování systémových služeb.

Error: (01/03/2020 10:56:27 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-2LUJDH2)
Description: Product: ESET Security -- Chyba 1922. Službu 'ESET Service' (ekrn) nelze odstranit. Přesvědčte se, zda máte dostatečná oprávnění pro odstraňování systémových služeb.

Error: (01/03/2020 10:51:02 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-2LUJDH2)
Description: Product: ESET Security -- Chyba 1922. Službu 'ESET Service' (ekrn) nelze odstranit. Přesvědčte se, zda máte dostatečná oprávnění pro odstraňování systémových služeb.

Error: (01/03/2020 10:50:29 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-2LUJDH2)
Description: Product: ESET Security -- Chyba 1922. Službu 'ESET Service' (ekrn) nelze odstranit. Přesvědčte se, zda máte dostatečná oprávnění pro odstraňování systémových služeb.

Error: (01/03/2020 10:47:59 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-2LUJDH2)
Description: Product: ESET Security -- Chyba 1922. Službu 'ESET Service' (ekrn) nelze odstranit. Přesvědčte se, zda máte dostatečná oprávnění pro odstraňování systémových služeb.


System errors:
=============
Error: (01/03/2020 11:21:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/03/2020 11:21:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/03/2020 11:19:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/03/2020 11:19:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2LUJDH2)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/03/2020 11:17:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/03/2020 11:17:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/03/2020 11:15:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/03/2020 11:15:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2020-01-03 23:22:19.922
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 23:22:19.825
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 23:20:26.489
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 23:20:26.476
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 23:20:26.319
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 23:20:22.395
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 23:20:22.171
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 23:20:22.135
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.13 02/16/2016
Motherboard: MSI Z97 GAMING 5 (MS-7917)
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 32%
Total physical RAM: 16332.79 MB
Available physical RAM: 11062.29 MB
Total Virtual: 18764.79 MB
Available Virtual: 9707.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.72 GB) (Free:60.33 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:562.46 GB) NTFS
Drive e: () (Fixed) (Total:232.76 GB) (Free:232.61 GB) NTFS

\\?\Volume{b7fb99b9-1100-4786-a3c1-2f347de891e9}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{894b344b-121f-4822-bdf1-053ff1a2fc9c}\ () (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{75a7b41f-1f87-47b3-b471-fc809ab2b65b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 95C73D49)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B7B85CBD)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 04 led 2020 01:25
od Conder
Ahoj :)

:arrow: Odporucam nepouzivat a odinstalovat vsetky programy od IObit (napr. Driver Booster, Advanced SystemCare, Uninstaller, atd.) - su to cinske smejdy, ktore mozu poskodit system.

:arrow: Poprosim aj o log zo skenu Malwarebytes - mal by sa nachadzat v Malwarebytes v casti Zpravy.

:arrow: Urob v Malwarebytes uplny sken
  • Otvor Malwarebytes a vlavo klikni na "Skenovat"
  • Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
  • Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
  • Klikni na Skenovat teraz a pockaj na dokoncenie
  • Po dokonceni klikni na Exportovat zhrnutie -> Skopirovat do schranky
  • Skopirovany log vloz do dalsej odpovede
  • Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 04 led 2020 11:55
od zuznay
Malwarebytes:
první scan
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 03/01/2020
Scan Time: 22:38
Log File: 5ffc9a00-2e71-11ea-b2b2-448a5b9f760a.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.785
Update Package Version: 1.0.17189
Licence: Trial

-System Information-
OS: Windows 10 (Build 18362.476)
CPU: x64
File System: NTFS
User: DESKTOP-2LUJDH2\Administrator_1

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 279186
Threats Detected: 35
Threats Quarantined: 0
Time Elapsed: 0 min, 58 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 18
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\WDI\SrvHost, No Action By User, 476, 735769, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C58D5B55-C3B0-4588-9BDE-C47876492A1E}, No Action By User, 476, 735769, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{C58D5B55-C3B0-4588-9BDE-C47876492A1E}, No Action By User, 476, 735769, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Application Experience\STARTUPCHECKLIBRARY, No Action By User, 476, 735770, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3AB195D6-1846-4713-AD92-FE562BB56D0B}, No Action By User, 476, 735770, , , ,
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{3AB195D6-1846-4713-AD92-FE562BB56D0B}, No Action By User, 476, 735770, , , ,
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\KMSAutoNet, No Action By User, 0, 392686, , , ,
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{55A0CF52-0245-4E57-AF71-D3C861378435}, No Action By User, 0, 392686, , , ,
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{55A0CF52-0245-4E57-AF71-D3C861378435}, No Action By User, 0, 392686, , , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Wininet\Winlogui, No Action By User, 598, 767023, , , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{91CD0CF9-380E-4DA9-A1C2-E2DF9BF423BB}, No Action By User, 598, 767023, , , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{91CD0CF9-380E-4DA9-A1C2-E2DF9BF423BB}, No Action By User, 598, 767023, , , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Windows Error Reporting\winrmsrv, No Action By User, 598, 767022, , , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C1DB4ED8-337C-43F8-99B0-5608D6261287}, No Action By User, 598, 767022, , , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{C1DB4ED8-337C-43F8-99B0-5608D6261287}, No Action By User, 598, 767022, , , ,
Trojan.FakeMS.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary, No Action By User, 4097, -1, 0.0.0, , action,
Trojan.FakeMS.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AB195D6-1846-4713-AD92-FE562BB56D0B}, No Action By User, 4097, -1, 0.0.0, , action,
Trojan.FakeMS.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3AB195D6-1846-4713-AD92-FE562BB56D0B}, No Action By User, 4097, -1, 0.0.0, , action,

Registry Value: 0
(No malicious items detected)

Registry Data: 3
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, No Action By User, 13422, 293294, 1.0.17189, , ame,
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, No Action By User, 13422, 293295, 1.0.17189, , ame,
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, No Action By User, 13422, 293296, 1.0.17189, , ame,

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 14
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\WDI\SRVHOST, No Action By User, 476, 735769, 1.0.17189, , ame,
Backdoor.Agent, C:\WINDOWS\SYSTEM32\WINSCOMRSSRV.DLL, No Action By User, 3586, 653659, 1.0.17189, , ame,
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\APPLICATION EXPERIENCE\STARTUPCHECKLIBRARY, No Action By User, 476, 735770, 1.0.17189, , ame,
Generic.Malware/Suspicious, C:\WINDOWS\SYSTEM32\TASKS\KMSAutoNet, No Action By User, 0, 392686, , , ,
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\KMSAUTO NET.EXE, No Action By User, 0, 392686, 1.0.17189, , shuriken,
Generic.Malware/Suspicious, C:\PROGRAMDATA\KMSAUTOS\BIN\KMSSS.EXE, No Action By User, 0, 392686, 1.0.17189, , shuriken,
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Wininet\Winlogui, No Action By User, 598, 767023, , , ,
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\WINLOGUI.EXE, No Action By User, 598, 767023, 1.0.17189, , ame,
Trojan.FakeMS.TskLnk, C:\WINDOWS\SYSTEM32\STARTUPCHECKLIBRARY.DLL, No Action By User, 4097, 676770, 1.0.17189, , ame,
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Windows Error Reporting\winrmsrv, No Action By User, 598, 767022, , , ,
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\WINRMSRV.EXE, No Action By User, 598, 767022, 1.0.17189, , ame,
Trojan.FakeMS.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\Application Experience\StartupCheckLibrary, No Action By User, 4097, -1, 0.0.0, , action,
HackTool.AutoKMS, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR.EXE, No Action By User, 7711, 765435, 1.0.17189, , ame,
HackTool.AutoKMS, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR2.EXE, No Action By User, 7711, 765096, 1.0.17189, , ame,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

druhý full scan:
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 04/01/2020
Scan Time: 09:15
Log File: 6a4fa58e-2eca-11ea-803a-448a5b9f760a.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.785
Update Package Version: 1.0.17219
Licence: Trial

-System Information-
OS: Windows 10 (Build 18362.476)
CPU: x64
File System: NTFS
User: DESKTOP-2LUJDH2\Administrator_1

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 510592
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 2 hr, 32 min, 36 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
Generic.Malware/Suspicious, D:\DOWNLOADS\THE.OUTER.WORLDS.UPDATE.V1.1.1.0-CODEX\UPDATE\SETUP.EXE, Quarantined, 0, 392686, 1.0.17219, , shuriken,
Generic.Malware/Suspicious, D:\DOWNLOADS\THE.OUTER.WORLDS.UPDATE.V1.2.0.418-CODEX\UPDATE\SETUP.EXE, Quarantined, 0, 392686, 1.0.17219, , shuriken,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 04 led 2020 12:14
od zuznay
Ještě jsem si všimla, že na D v některých složkách vyžaduje smazání souborů povolení administrátora, i když jsem administrátor...

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 04 led 2020 23:31
od Conder
:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 05 led 2020 11:08
od zuznay
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-02.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-05-2020
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 12
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\IOBIT\Driver Booster
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Administrator_1\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\Administrator_1\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driver-booster-free.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driver-booster-free.en.softonic.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4184 octets] - [03/01/2020 22:35:42]
AdwCleaner[S01].txt - [4245 octets] - [03/01/2020 22:36:24]
AdwCleaner[S02].txt - [3303 octets] - [05/01/2020 11:06:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 06 led 2020 23:07
od Conder
Poprosim o obidva nove logy z FRST.

Re: Zmizel Antivirus, nelze znovu nainstalovat.

Napsal: 07 led 2020 12:49
od zuznay
Je toho hodně tak to musím rozkouskovat.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Administrator_1 (administrator) on DESKTOP-2LUJDH2 (MSI MS-7917) (07-01-2020 10:22:23)
Running from C:\Users\Administrator_1\Downloads
Loaded Profiles: Administrator_1 (Available Profiles: Administrator_1)
Platform: Windows 10 Pro Version 1903 18362.476 (X64) Language: Czech (Czech Republic)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Malwarebytes Inc -> Malwarebytes) D:\DOWNLOADS\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) D:\DOWNLOADS\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => "C:\Program Files\ESET\ESET Security\ecmds.exe" /run /hide /proxy
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-12-13] (IDSA Production signing key -> Intel)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Fliqlo.scr [679936 2019-11-09] (ScreenTime Media) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [Debugger] rundll32.exe KMS.dll,PatcherMain

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07CB590E-CD05-4835-ACF3-591200A170AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E3F9677-BF67-4052-95B8-3C62ADBA4454} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {13DD415D-6E3D-4BFA-B2A7-F5D841DDF67C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {16A14A8B-0197-4E01-B60E-86103D6A44DC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1E73895A-FB68-40BB-A730-FED88E7F1BD6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {31CBAABB-2721-4559-91D9-94AF4401C8AE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {31D0587D-327B-4B03-BC0C-50FB4B4B68B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {347C2F30-3C24-44FA-B2F9-8A7A363F3164} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-11-01] (Advanced Micro Devices, Inc.) [File not signed]
Task: {37687884-540B-42C9-9B56-8B90292EDAE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-09] (Google Inc -> Google LLC)
Task: {40CEF2F5-CD59-4629-8A67-EB5C4A283858} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {48138990-D717-469D-8783-496965DD0857} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A5257C0-C782-45D9-828F-D0BFEFE22F18} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-11-01] (Advanced Micro Devices, Inc.) [File not signed]
Task: {7CF9CDBC-86D4-4907-9046-CFE15918D5A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-09] (Google Inc -> Google LLC)
Task: {84055921-48BC-467F-9C0C-0CB414A4F5E1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {89DBEEE9-94C9-4811-8368-91568E2F54EA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {AA68B619-496C-4EB2-A137-09203EA94F83} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {B198ABD8-F3B4-4422-870D-604D431B6F9A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFDB1C6A-1B28-4F19-BF81-103B93232941} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {C6DB01B5-65FB-48CB-B0BA-32759210ED5E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD1549DA-5757-4160-BCEE-459DF8F0B018} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c184bee4-9402-4a2d-b9c5-d518643f0599}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-3107723246-2406789225-4189533835-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01072020101956492] ATTENTION => Default URLSearchHook is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: wr3vedgt.default
FF ProfilePath: C:\Users\Administrator_1\AppData\Roaming\Mozilla\Firefox\Profiles\wr3vedgt.default [2020-01-04]
FF ProfilePath: C:\Users\Administrator_1\AppData\Roaming\Mozilla\Firefox\Profiles\hqsgobq9.default-release [2020-01-04]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://photos.google.com/u/1/albums
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default [2020-01-07]
CHR Extension: (Prezentace) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-09]
CHR Extension: (Dokumenty) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-09]
CHR Extension: (Disk Google) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-09]
CHR Extension: (YouTube) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-09]
CHR Extension: (Notifier for Gmail™) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2019-11-09]
CHR Extension: (Tabulky) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-10]
CHR Extension: (Blue/Green Cubes) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iipbjjaibkibpabddphfcgbngfhhfkml [2019-11-09]
CHR Extension: (Grammarly for Chrome) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-09]
CHR Extension: (Gmail) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator_1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atiesrxx.exe [509144 2020-01-03] (Advanced Micro Devices, Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [38248 2019-12-13] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [145768 2019-12-13] (IDSA Production signing key -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-11-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
R2 MBAMService; D:\DOWNLOADS\MBAMService.exe [6960640 2020-01-03] (Malwarebytes Inc -> Malwarebytes)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [204088 2019-08-16] (Intel(R) Software Development Products -> )
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2123088 2019-12-12] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 ekrn; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atikmdag.sys [60671704 2020-01-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0348909.inf_amd64_f9f8b711ad4efca4\B349181\atikmpag.sys [598232 2020-01-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [103456 2019-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [145920 2019-03-19] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-10-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-10-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-09-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-10-03] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-10-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77184 2019-10-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [114136 2019-10-03] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [33328 2019-11-15] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-11-08] (Martin Malik - REALiX -> REALiX(tm))
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [145920 2019-03-19] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2020-01-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2020-01-07] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-01-07] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2020-01-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116832 2020-01-07] (Malwarebytes Corporation -> Malwarebytes)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [41816 2019-08-16] (Intel Corporation -> )
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [134096 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\Windows\System32\drivers\wacomrouterfilter.sys [35256 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [74552 2019-11-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-07 10:18 - 2020-01-07 10:18 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-01-07 10:18 - 2020-01-07 10:18 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-01-07 10:18 - 2020-01-07 10:18 - 000116832 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-01-07 10:18 - 2020-01-07 10:18 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-01-05 11:11 - 2020-01-05 11:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2020-01-05 11:09 - 2020-01-05 11:09 - 000003251 _____ C:\Users\Administrator_1\Desktop\AdwCleaner[C02].txt
2020-01-05 11:04 - 2020-01-05 11:04 - 008237744 _____ (Malwarebytes) C:\Users\Administrator_1\Downloads\adwcleaner_8.0.1.exe
2020-01-04 14:27 - 2020-01-04 14:27 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Meltytech
2020-01-04 11:55 - 2020-01-04 11:55 - 000001512 _____ C:\Users\Administrator_1\Desktop\text 2.txt
2020-01-04 09:54 - 2020-01-04 09:58 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\Mozilla
2020-01-04 09:54 - 2020-01-04 09:54 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Mozilla
2020-01-04 09:54 - 2020-01-04 09:54 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Mozilla
2020-01-04 09:54 - 2020-01-04 09:54 - 000000000 ____D C:\ProgramData\Mozilla
2020-01-03 23:37 - 2020-01-03 23:37 - 000000785 _____ C:\Users\Administrator_1\Desktop\Shotcut.lnk
2020-01-03 23:36 - 2020-01-03 23:36 - 000000785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2020-01-03 23:28 - 2020-01-03 23:28 - 000006549 _____ C:\Users\Administrator_1\Desktop\text files.txt
2020-01-03 23:22 - 2020-01-03 23:22 - 000035422 _____ C:\Users\Administrator_1\Downloads\Addition.txt
2020-01-03 23:21 - 2020-01-07 10:22 - 000025882 _____ C:\Users\Administrator_1\Downloads\FRST.txt
2020-01-03 23:20 - 2020-01-07 10:22 - 000000000 ____D C:\FRST
2020-01-03 23:20 - 2020-01-03 23:20 - 002272256 _____ (Farbar) C:\Users\Administrator_1\Downloads\FRST64.exe
2020-01-03 22:58 - 2020-01-03 22:58 - 005504960 _____ (ESET) C:\Users\Administrator_1\Downloads\eset_internet_security_live_installer.exe
2020-01-03 22:37 - 2020-01-03 22:37 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-01-03 22:37 - 2020-01-03 22:37 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-01-03 22:37 - 2020-01-03 22:37 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-01-03 22:37 - 2020-01-03 22:37 - 000000614 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\mbamtray
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\mbam
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-03 22:37 - 2020-01-03 22:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-03 22:34 - 2020-01-05 11:07 - 000000000 ____D C:\AdwCleaner
2020-01-03 22:24 - 2020-01-03 22:24 - 000000000 ____D C:\Windows\system32\appmgmt
2020-01-03 22:17 - 2020-01-03 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2020-01-03 22:08 - 2020-01-03 22:08 - 000000000 ____D C:\Windows\LastGood.Tmp
2020-01-03 22:08 - 2020-01-03 22:08 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-01-03 22:07 - 2020-01-03 22:07 - 001593048 _____ (AMD) C:\Windows\system32\coinst_19.30.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 001073336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 001073336 _____ C:\Windows\system32\vulkan-1.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000930112 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000930112 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000852392 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000852392 _____ C:\Windows\system32\vulkaninfo.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000710056 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000710056 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-01-03 22:07 - 2020-01-03 22:07 - 000122072 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000020392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-01-03 22:07 - 2020-01-03 22:07 - 000020392 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2019-12-01 22:02 - 2020-01-03 22:03 - 000000683 _____ C:\Users\Administrator_1\Desktop\blender.lnk
2019-12-01 22:02 - 2019-12-01 22:02 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-12-01 21:58 - 2019-12-01 21:58 - 000001043 _____ C:\Users\Administrator_1\Desktop\ALENKA V ŘÍŠI CHAOSU - Shortcut.lnk
2019-11-26 19:24 - 2020-01-03 22:02 - 000001487 _____ C:\Users\Administrator_1\Desktop\Discord.lnk
2019-11-26 19:24 - 2019-11-27 09:29 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Discord
2019-11-26 19:24 - 2019-11-26 19:24 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-11-26 19:24 - 2019-11-26 19:24 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Discord
2019-11-26 18:44 - 2019-11-26 18:44 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2019-11-26 18:44 - 2019-11-26 18:44 - 000000000 ____D C:\Users\Administrator_1\Documents\Blackmagic Design
2019-11-26 18:43 - 2019-11-26 18:43 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Blackmagic Design
2019-11-26 10:38 - 2019-11-14 19:33 - 000024512 _____ C:\Windows\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
2019-11-25 18:14 - 2020-01-03 22:22 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\uTorrent
2019-11-25 18:14 - 2020-01-03 21:19 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\BitTorrentHelper
2019-11-25 18:13 - 2019-11-25 18:19 - 000001010 _____ C:\Users\Administrator_1\Desktop\µTorrent.lnk
2019-11-25 11:16 - 2020-01-04 14:57 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\vlc
2019-11-22 19:28 - 2019-11-22 19:28 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\TslGame
2019-11-22 19:28 - 2019-11-22 19:28 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\NVIDIA Corporation
2019-11-22 19:27 - 2019-11-22 19:27 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\BattlEye
2019-11-22 19:19 - 2019-11-22 19:19 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-11-22 08:43 - 2019-11-26 10:38 - 000000024 _____ C:\Windows\system32\WinUpdates105.dat
2019-11-22 08:43 - 2019-11-26 10:38 - 000000003 _____ C:\Windows\system32\wdbcache.tmp
2019-11-21 20:34 - 2019-11-21 20:34 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-11-21 11:54 - 2019-11-21 11:57 - 000000000 ____D C:\ProgramData\tmp
2019-11-21 11:54 - 2019-11-21 11:57 - 000000000 ____D C:\ProgramData\hps
2019-11-15 09:11 - 2019-11-15 09:11 - 000033328 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys
2019-11-15 09:11 - 2019-11-15 09:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2019-11-15 09:11 - 2019-11-15 09:11 - 000000000 ____D C:\Program Files\Elantech
2019-11-14 19:33 - 2019-11-14 19:33 - 000024512 _____ C:\Windows\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-11-14 19:33 - 2019-11-14 19:33 - 000000000 _____ C:\Windows\system32\setup4.2.6.tmp
2019-11-14 18:42 - 2019-11-27 18:12 - 000000000 ___RD C:\Users\Administrator_1\Documents\Scanned Documents
2019-11-14 18:42 - 2019-11-14 18:42 - 000000000 ____D C:\Users\Administrator_1\Documents\Fax
2019-11-13 21:45 - 2019-01-19 20:42 - 010638132 _____ C:\Users\Administrator_1\Downloads\RODEO-BRUSH-CC-TheVectorLab.ai
2019-11-13 21:30 - 2015-05-21 11:12 - 000000000 ____D C:\Users\Administrator_1\Downloads\__MACOSX
2019-11-13 21:30 - 2015-05-21 11:11 - 000000000 ____D C:\Users\Administrator_1\Downloads\Stipple-Shading-Illustrator-Brushes
2019-11-13 21:24 - 2019-11-13 21:24 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\WPersistent
2019-11-13 17:44 - 2019-11-13 17:44 - 000000000 ____D C:\Users\Administrator_1\.android
2019-11-13 17:43 - 2020-01-07 10:18 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\WTablet
2019-11-13 17:42 - 2020-01-05 11:11 - 000000000 ____D C:\Program Files\Tablet
2019-11-13 17:42 - 2019-12-12 22:26 - 002481488 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 002474320 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 002333520 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 002298704 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 002020176 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 002013008 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 001866064 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 001834320 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 001822008 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01011.dll
2019-11-13 17:42 - 2019-12-12 22:26 - 000134096 _____ (Wacom Technology, Corp.) C:\Windows\system32\Drivers\wachidrouter.sys
2019-11-13 17:42 - 2019-12-12 22:26 - 000035256 _____ (Wacom Technology, Corp.) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2019-11-13 17:42 - 2019-08-01 23:07 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 025901056 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 022627840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 019849216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 018020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 017787904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 014816256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 009928208 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 008011264 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007904152 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007849424 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007754240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007600448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007278592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007262456 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007195648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 007015936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 006521768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 006435840 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 006232576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 006227104 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 006166016 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 006082808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 005943296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 005914112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 005890048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AI.MachineLearning.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 005763848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 005501952 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 005112320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 004615616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 004578816 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 004307968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 004150272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 004140544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 004129408 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 004047360 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 004005888 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003968512 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003967920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 003791360 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003752960 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003728384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 003703296 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003591208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 003487232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003387392 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003371928 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003105792 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002988344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 002956472 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002871848 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 002870784 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 002772272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002763016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002698768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 002586816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002562048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002399232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002369552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002284032 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002258848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002188808 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002158080 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002126112 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002120704 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002114048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 002081976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001974824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001920512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001916984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001866272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001856512 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-11-13 09:59 - 2019-11-13 09:59 - 001748480 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001726480 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001718584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001691648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001687040 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001664688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001659192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001656392 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001647064 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001616696 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001495864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001451520 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001428992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 001413912 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001413864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001399096 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001394168 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001387024 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001327064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001283072 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001259416 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001189376 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001185792 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001171704 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001154656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001126912 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001098712 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001094656 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001070080 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001069064 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001059840 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 001047352 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001027000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001017680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 001007616 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000975872 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000960040 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000911824 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000892696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000874936 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000874536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000868864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000864256 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000849920 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000844800 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000832000 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000827192 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000822200 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000822072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000816952 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000811536 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000774456 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000768488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000762880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000743224 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000741376 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntimewindows.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000704000 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntime.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000700416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000689664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000679152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000673664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000666640 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000657424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000642560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000638264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000632320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000606720 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000599552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000598528 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000598016 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000589592 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000586768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000552448 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000551736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000534528 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.UserService.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000530944 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000522176 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000517432 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000514576 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000513336 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000512512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000494904 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000477712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-11-13 09:59 - 2019-11-13 09:59 - 000477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000466928 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000461320 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000452920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000446464 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000415544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000404904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000396088 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000380944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcLayers.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000375720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000372752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000350720 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SpeechPrivacy.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000324624 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000322504 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\AcLayers.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000292664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000291256 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ManagedEventLogging.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ConfigWrapper.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000280064 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000259384 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000251512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000235008 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000230200 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-11-13 09:59 - 2019-11-13 09:59 - 000220472 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\DiagSvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CmUtil.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000204816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000193800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-11-13 09:59 - 2019-11-13 09:59 - 000184832 _____ (Microsoft Corporation) C:\Windows\system32\AarSvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000164776 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000136536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\WinHvPlatform.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationControlCSP.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\EaseOfAccessDialog.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000113160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000105488 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-11-13 09:59 - 2019-11-13 09:59 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EaseOfAccessDialog.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000093496 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000089568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000088568 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcXtrnal.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\AtBroker.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000084488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000084488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2019-11-13 09:59 - 2019-11-13 09:59 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncController.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000073024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2019-11-13 09:59 - 2019-11-13 09:59 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AtBroker.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000065272 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000061240 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\reg.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CabUtil.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000047616 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000047208 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.EventLogMessages.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\UevAgentPolicyGenerator.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthMini.SYS
2019-11-13 09:59 - 2019-11-13 09:59 - 000036368 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\posetup.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000030720 _____ C:\Windows\system32\uwfservicingapi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000028344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000024792 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.WmiAccess.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000021304 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncCommon.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.WinRT.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\applockerfltr.sys
2019-11-13 09:59 - 2019-11-13 09:59 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.LocalSyncProvider.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\AcXtrnal.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernSync.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDJPN.DLL
2019-11-13 09:59 - 2019-11-13 09:59 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateBaselineGenerator.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\dstokenclean.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateConfigItemGenerator.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SmbSyncProvider.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\wscadminui.exe
2019-11-13 09:59 - 2019-11-13 09:59 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.MonitorSyncProvider.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncConditions.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-11-13 09:59 - 2019-11-13 09:59 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-11-13 09:59 - 2019-11-13 09:59 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-11-13 09:59 - 2019-11-13 09:59 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2019-11-13 09:55 - 2019-10-17 07:17 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-11-13 09:55 - 2019-10-17 07:01 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-11-12 20:20 - 2019-11-22 19:28 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\UnrealEngine
2019-11-12 20:20 - 2019-11-16 15:11 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2019-11-12 20:20 - 2019-11-12 20:20 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\ShadowTrackerExtra
2019-11-12 20:20 - 2019-11-12 20:20 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2019-11-11 18:53 - 2019-11-11 18:53 - 000000000 ____D C:\ProgramData\PUBG
2019-11-11 13:57 - 2019-11-11 13:57 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2019-11-11 13:17 - 2020-01-03 22:00 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\CrashDumps
2019-11-11 09:52 - 2019-11-11 09:52 - 000000000 ____D C:\ProgramData\Blackmagic Design
2019-11-11 09:42 - 2019-12-01 11:12 - 000000988 _____ C:\Users\Administrator_1\Desktop\TATTOO.lnk
2019-11-11 09:38 - 2019-11-25 09:47 - 000003400 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3107723246-2406789225-4189533835-1001
2019-11-10 23:44 - 2019-11-13 10:02 - 000000000 ____D C:\Windows\system32\MRT
2019-11-10 23:44 - 2019-11-13 10:01 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 019811840 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 005865272 _____ (Microsoft Corporation) C:\Windows\system32\spwizimg.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 005041664 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 004562688 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 004481536 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 003553280 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 003525592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 003184128 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002861568 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002821120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-11-10 23:42 - 2019-11-10 23:42 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-11-10 23:42 - 2019-11-10 23:42 - 002590208 _____ C:\Windows\system32\dwmscene.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002552120 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002494440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002466304 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002456064 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002448712 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002422592 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2019-11-10 23:42 - 2019-11-10 23:42 - 002314648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002236144 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002160640 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002138472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2019-11-10 23:42 - 2019-11-10 23:42 - 002132280 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002095104 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002069504 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 002000168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001957008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001952360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001940952 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001847808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001845408 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001819136 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001788728 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001730560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001687040 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001664376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001616784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001616608 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001607680 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001563648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001562424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001543168 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001512320 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 001510752 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001505320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001482040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 001473488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001412096 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001383856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-11-10 23:42 - 2019-11-10 23:42 - 001334064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001297936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001273392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001263616 _____ (Microsoft Corporation) C:\Windows\system32\opengl32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001261800 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001244944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001217904 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001182240 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 001178816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001152016 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001150240 _____ (Microsoft Corporation) C:\Windows\system32\InputHost.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001091584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001084432 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001054872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001047968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001036800 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001029432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 001023128 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 001009152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000960512 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000944664 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000939008 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000931840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000904704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\opengl32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000904208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000890472 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000856576 _____ C:\Windows\system32\MBR2GPT.EXE
2019-11-10 23:42 - 2019-11-10 23:42 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000839680 _____ (Microsoft Corporation) C:\Windows\system32\d3d9on12.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000833312 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000829536 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000818688 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000792296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputHost.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000784384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000775768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000759488 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000758584 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000732176 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\mousocoreworker.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000702464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.FileExplorer.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000674072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000673080 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000659456 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000656960 _____ (Microsoft Corporation) C:\Windows\system32\d3d11on12.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000652800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000649016 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000647168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000639400 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000617784 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000612864 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000598024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000587776 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_PCDisplay.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000568336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000558592 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000551424 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000541696 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000541480 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9on12.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000516408 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000507704 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000502784 _____ C:\Windows\system32\AssignedAccessCsp.dll

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 07 led 2020 12:50
od zuznay
2019-11-10 23:42 - 2019-11-10 23:42 - 000501232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000500736 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-10 23:42 - 2019-11-10 23:42 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000487576 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000463272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000450360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11on12.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000449888 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000442704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000422008 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-10 23:42 - 2019-11-10 23:42 - 000417280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000412152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000398728 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000387832 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000383984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000379840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000376832 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000363624 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000342896 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000334936 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000315392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000300184 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000293344 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\directxdatabaseupdater.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000285256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000284160 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000283688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000278080 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\ManageCI.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glu32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Gpu.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000236520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000231440 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000225080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000221696 _____ (Microsoft Corporation) C:\Windows\system32\dxgiadaptercache.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000202768 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000181776 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000176440 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000176152 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000173072 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000165832 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000163328 _____ (Microsoft Corporation) C:\Windows\system32\glu32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000159112 _____ (Microsoft Corporation) C:\Windows\system32\devobj.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000150328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000145208 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000140496 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000137864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\appvetwclientres.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ForceSync.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000125232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000119840 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000117048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000116904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000110080 _____ C:\Windows\system32\ResBParser.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000100664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000092624 _____ (Microsoft Corporation) C:\Windows\system32\taskhostw.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\rdvvmtransport.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000066832 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvvmtransport.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\devrtl.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\pnppolicy.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000053248 _____ C:\Windows\system32\Drivers\UsbPmApi.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringconfigsp.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollCtrl.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000047616 _____ C:\Windows\system32\UsbPmApi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000037904 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000037176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\IcsEntitlementHost.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000033048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-11-10 23:42 - 2019-11-10 23:42 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\Win32_DeviceGuard.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000021816 _____ (Microsoft Corporation) C:\Windows\system32\ScriptRunner.exe
2019-11-10 23:42 - 2019-11-10 23:42 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\wmsgapi.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\bindflt.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000016696 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\d3d8thk.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\appvetwstreamingux.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\TSErrRedir.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000011576 _____ (Microsoft Corporation) C:\Windows\system32\uxlibres.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000003584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCertResources.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2019-11-10 23:42 - 2019-11-10 23:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-11-10 23:41 - 2019-11-10 23:41 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000355000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000223032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000208184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000201016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000199480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000151568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000079376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uaspstor.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidspi.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000052752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000043536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2019-11-10 23:41 - 2019-11-10 23:41 - 000028936 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2019-11-10 17:14 - 2019-11-11 09:41 - 000001621 _____ C:\Users\Administrator_1\Desktop\Word.lnk
2019-11-10 17:12 - 2019-11-10 17:12 - 000000000 ___HD C:\ProgramData\CanonBJ
2019-11-10 17:12 - 2013-04-04 05:00 - 000391168 _____ (CANON INC.) C:\Windows\system32\CNMLMBV.DLL
2019-11-10 17:12 - 2013-02-04 15:12 - 000367104 _____ (CANON INC.) C:\Windows\system32\CNC_BVL.dll
2019-11-10 17:12 - 2012-11-26 12:32 - 000088576 _____ C:\Windows\system32\CNC176ED.TBL
2019-11-10 17:12 - 2012-11-08 13:04 - 000282624 _____ (CANON INC.) C:\Windows\system32\CNC_BVC.dll
2019-11-10 17:12 - 2012-11-08 13:03 - 000106496 _____ (CANON INC.) C:\Windows\system32\CNC_BVI.dll
2019-11-10 17:12 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2019-11-10 13:56 - 2019-11-10 13:57 - 000001628 _____ C:\Users\Administrator_1\Desktop\ART.lnk
2019-11-10 10:52 - 2019-11-10 10:52 - 000000000 ____D C:\Users\Administrator_1\Documents\Custom Office Templates
2019-11-10 10:49 - 2019-11-10 10:49 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-11-10 10:49 - 2019-11-10 10:49 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-11-10 10:49 - 2019-11-10 10:49 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-11-10 10:49 - 2019-11-10 10:49 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-11-10 10:49 - 2019-11-10 10:49 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-11-10 10:49 - 2019-11-10 10:49 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-11-10 10:49 - 2019-11-10 10:49 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-11-10 10:49 - 2019-11-10 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-11-10 10:47 - 2020-01-03 13:40 - 000000000 ____D C:\Users\Administrator_1\Documents\The Witcher 3
2019-11-10 10:44 - 2019-11-10 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]
2019-11-10 10:44 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-11-10 10:44 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-11-10 10:44 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-11-10 10:44 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-11-10 10:44 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-11-10 10:44 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-11-10 10:44 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-11-10 10:44 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-11-10 10:44 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-11-10 10:44 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-11-10 10:44 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-11-10 10:44 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-11-10 10:44 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-11-10 10:44 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-11-10 10:44 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-11-10 10:44 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-11-10 10:44 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-11-10 10:44 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-11-10 10:44 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-11-10 10:44 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-11-10 10:44 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-11-10 10:44 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-11-10 10:44 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-11-10 10:44 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-11-10 10:44 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-11-10 10:44 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-11-10 10:44 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-11-10 10:44 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-11-10 10:44 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-11-10 10:44 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-11-10 10:44 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-11-10 10:44 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-11-10 10:44 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-11-10 10:44 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-11-10 10:44 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-11-10 10:44 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-11-10 10:44 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-11-10 10:44 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-11-10 10:44 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-11-10 10:44 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-11-10 10:44 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-11-10 10:44 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-11-10 10:44 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-11-10 10:44 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-11-10 10:44 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-11-10 10:44 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-11-10 10:44 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-11-10 10:44 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-11-10 10:44 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-11-10 10:44 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-11-10 10:44 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-11-10 10:44 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-11-10 10:44 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-11-10 10:44 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-11-10 10:44 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-11-10 10:44 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-11-10 10:44 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-11-10 10:44 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-11-10 10:44 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-11-10 10:44 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-11-10 10:44 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-11-10 10:44 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-11-10 10:44 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-11-10 10:44 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-11-10 10:44 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-11-10 10:44 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-11-10 10:44 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-11-10 10:44 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-11-10 10:44 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-11-10 10:44 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-11-10 10:44 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-11-10 10:44 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-11-10 10:44 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-11-10 10:44 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-11-10 10:44 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-11-10 10:44 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-11-10 10:44 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-11-10 10:44 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-11-10 10:44 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-11-10 10:44 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-11-10 10:44 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-11-10 10:44 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-11-10 10:44 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-11-10 10:44 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-11-10 10:44 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-11-10 10:44 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-11-10 10:44 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-11-10 10:44 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-11-10 10:44 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-11-10 10:44 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-11-10 10:44 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-11-10 10:44 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-11-10 10:44 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-11-10 10:44 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-11-10 10:44 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-11-10 10:44 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-11-10 10:44 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-11-10 10:44 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-11-10 10:44 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-11-10 10:44 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-11-10 10:44 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-11-10 10:44 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-11-10 10:44 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-11-10 10:44 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-11-10 10:44 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-11-10 10:44 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-11-10 10:44 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-11-10 10:44 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-11-10 10:44 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-11-10 10:44 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-11-10 10:44 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-11-10 10:44 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-11-10 10:44 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-11-10 10:44 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-11-10 10:44 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-11-10 10:44 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-11-10 10:44 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-11-10 10:44 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-11-10 10:44 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-11-10 10:44 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-11-10 10:44 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-11-10 10:44 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-11-10 10:44 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-11-10 10:44 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-11-10 10:44 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-11-10 10:44 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-11-10 10:44 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-11-10 10:44 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-11-10 10:44 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-11-10 10:44 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-11-10 10:44 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-11-10 10:44 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-11-10 10:44 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-11-10 10:44 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-11-10 10:44 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-11-10 10:44 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-11-10 10:44 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-11-10 10:44 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-11-10 10:44 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-11-10 10:44 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-11-10 10:44 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-11-10 10:44 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-11-10 10:44 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-11-10 10:44 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-11-10 10:44 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-11-10 10:44 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-11-10 10:44 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-11-10 10:44 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-11-10 10:44 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-11-10 10:44 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-11-10 10:38 - 2020-01-03 22:40 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-11-10 10:38 - 2014-08-08 17:31 - 000027136 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\ptun0901.sys
2019-11-10 10:38 - 2014-05-25 01:36 - 000015360 _____ C:\Windows\system32\SppExtComObjHook.dll
2019-11-10 10:38 - 2014-05-25 01:36 - 000004608 _____ C:\Windows\system32\SppExtComObjPatcher.exe
2019-11-10 10:36 - 2019-11-10 10:43 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\MSfree Inc
2019-11-10 10:33 - 2019-11-10 10:49 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-11-10 10:31 - 2019-11-10 10:31 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-11-10 10:26 - 2019-11-10 10:26 - 000000000 ___HD C:\temp
2019-11-10 10:06 - 2019-11-10 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-11-10 10:04 - 2019-11-10 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit
2019-11-10 10:03 - 2019-12-21 13:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-10 10:03 - 2019-11-13 16:46 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-11-10 09:52 - 2019-11-25 09:47 - 000002397 _____ C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-10 09:52 - 2019-11-10 09:52 - 000002303 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-10 09:52 - 2019-11-10 09:52 - 000002303 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-10 09:52 - 2019-11-10 09:52 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Skype
2019-11-10 09:52 - 2019-11-10 09:52 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2019-11-10 09:47 - 2019-12-14 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-10 09:46 - 2019-11-10 09:46 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\WinRAR
2019-11-10 09:46 - 2019-11-10 09:46 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-10 09:46 - 2019-11-10 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-10 09:34 - 2019-11-10 09:34 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\PeerDistRepub
2019-11-10 09:25 - 2020-01-05 21:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-10 09:25 - 2019-11-10 09:25 - 000003518 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2019-11-10 09:19 - 2019-11-13 17:55 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\Adobe
2019-11-10 09:19 - 2019-11-13 17:48 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-11-10 09:19 - 2019-11-10 13:48 - 000001682 _____ C:\Users\Administrator_1\Desktop\Adobe Illustrator CC 2019.lnk
2019-11-10 09:19 - 2019-11-10 09:19 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2019.lnk
2019-11-10 09:19 - 2019-11-10 09:19 - 000000000 ____D C:\Program Files\Adobe
2019-11-10 09:18 - 2019-11-10 10:28 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-11-10 09:14 - 2019-11-10 13:50 - 000001546 _____ C:\Users\Administrator_1\Desktop\Photoshop.lnk
2019-11-10 09:10 - 2019-11-10 09:10 - 000000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2019-11-10 09:10 - 2019-11-10 09:10 - 000000000 ____D C:\Users\Administrator_1\Documents\Adobe
2019-11-10 09:10 - 2019-11-10 09:10 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-11-10 09:08 - 2019-11-10 09:19 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-11-10 09:07 - 2019-11-11 09:38 - 000000000 ____D C:\ProgramData\Adobe
2019-11-10 09:06 - 2019-11-13 17:55 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Adobe
2019-11-10 09:01 - 2019-11-10 09:01 - 000000689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-11-10 09:00 - 2020-01-03 22:22 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\uTorrent
2019-11-09 23:18 - 2020-01-07 10:22 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\WhatsApp
2019-11-09 23:18 - 2019-12-16 19:56 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\WhatsApp
2019-11-09 23:18 - 2019-12-16 19:55 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\SquirrelTemp
2019-11-09 23:18 - 2019-11-09 23:19 - 000001445 _____ C:\Users\Administrator_1\Desktop\WhatsApp.lnk
2019-11-09 23:18 - 2019-11-09 23:18 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-11-09 22:44 - 2019-11-22 08:43 - 000000000 ___RD C:\Users\Administrator_1\Desktop\Games
2019-11-09 22:30 - 2019-11-09 23:11 - 000001648 _____ C:\Users\Administrator_1\Desktop\Spotify.lnk
2019-11-09 20:58 - 2019-11-09 23:17 - 000000801 _____ C:\Users\Administrator_1\Desktop\CHAOS.lnk
2019-11-09 20:58 - 2019-11-09 23:17 - 000000786 _____ C:\Users\Administrator_1\Desktop\MEEP.lnk
2019-11-09 20:29 - 2019-11-09 23:17 - 000000540 _____ C:\Users\Administrator_1\Desktop\PC.lnk
2019-11-09 20:26 - 2019-11-09 23:13 - 000000647 _____ C:\Users\Public\Desktop\Steam.lnk
2019-11-09 20:26 - 2019-11-09 20:26 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Steam
2019-11-09 20:26 - 2019-11-09 20:26 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\CEF
2019-11-09 20:26 - 2019-11-09 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-11-09 20:21 - 2019-11-09 20:21 - 000679936 ____N (ScreenTime Media) C:\Windows\SysWOW64\Fliqlo.scr
2019-11-09 20:21 - 2019-11-09 20:21 - 000679936 _____ (ScreenTime Media) C:\Windows\system32\Fliqlo.scr
2019-11-09 20:21 - 2019-11-09 20:21 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Macromedia
2019-11-09 20:21 - 2019-11-09 20:21 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Screentime
2019-11-09 20:21 - 2019-11-09 20:21 - 000000000 ____D C:\ProgramData\Screentime
2019-11-09 19:58 - 2019-12-18 09:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-09 19:58 - 2019-12-14 08:04 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-09 19:58 - 2019-12-14 08:04 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-09 19:58 - 2019-11-09 23:12 - 000001532 _____ C:\Users\Public\Desktop\ .lnk
2019-11-09 19:58 - 2019-11-09 20:05 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Google
2019-11-09 19:58 - 2019-11-09 19:58 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Google
2019-11-09 19:58 - 2019-11-09 19:58 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-08 20:51 - 2019-11-08 20:51 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\OneDrive
2019-11-08 20:49 - 2019-11-08 20:49 - 024335604 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2019-11-08 20:49 - 2019-11-08 20:49 - 003677264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2019-11-08 20:49 - 2019-11-08 20:49 - 003159512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 002930256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 001353424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000692264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000541208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000392976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000343600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000327376 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000327376 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000230792 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000220496 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000218360 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000175032 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000122408 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000116648 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2019-11-08 20:49 - 2019-11-08 20:49 - 000094008 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2019-11-08 20:48 - 2019-11-08 20:48 - 001469952 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2019-11-08 20:46 - 2020-01-05 11:07 - 000000000 ____D C:\Program Files (x86)\IObit
2019-11-08 20:46 - 2020-01-04 09:13 - 000000000 ____D C:\ProgramData\ProductData
2019-11-08 20:46 - 2019-11-08 20:46 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2019-11-08 20:46 - 2019-11-08 20:46 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\IObit
2019-11-08 20:38 - 2019-11-08 20:38 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\ESET
2019-11-08 20:36 - 2019-03-18 15:20 - 005739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2019-11-08 20:36 - 2019-03-18 15:19 - 002629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2019-11-08 20:36 - 2019-03-18 15:07 - 006359552 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2019-11-08 20:36 - 2019-03-18 15:01 - 005496832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2019-11-08 20:33 - 2020-01-03 22:37 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\cache
2019-11-08 20:33 - 2019-11-08 20:54 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\RadeonSettings
2019-11-08 20:30 - 2019-11-08 20:30 - 000000000 ____D C:\ProgramData\ESET
2019-11-08 20:30 - 2019-11-08 20:30 - 000000000 ____D C:\Program Files\ESET
2019-11-08 20:29 - 2020-01-05 11:07 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\IObit
2019-11-08 20:29 - 2020-01-05 11:07 - 000000000 ____D C:\ProgramData\IObit
2019-11-08 20:28 - 2020-01-07 10:22 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\D3DSCache
2019-11-08 20:27 - 2020-01-07 10:18 - 000003132 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2019-11-08 20:27 - 2020-01-06 16:50 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-11-08 20:27 - 2019-11-09 19:58 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\AMD
2019-11-08 20:27 - 2019-11-08 20:28 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\AMD
2019-11-08 20:27 - 2019-11-08 20:27 - 000003194 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2019-11-08 20:27 - 2019-11-08 20:27 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2019-11-08 20:27 - 2019-11-08 20:27 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2019-11-08 20:27 - 2019-11-08 20:27 - 000000000 ____D C:\Windows\system32\AMD
2019-11-08 20:27 - 2019-11-08 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2019-11-08 20:27 - 2019-11-08 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2019-11-08 20:27 - 2019-11-08 20:27 - 000000000 ____D C:\Program Files (x86)\AMD
2019-11-08 20:27 - 2019-11-04 16:28 - 000103456 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2019-11-08 20:25 - 2020-01-04 12:16 - 000000000 ____D C:\Program Files\AMD
2019-11-08 20:25 - 2019-12-16 11:40 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\ElevatedDiagnostics
2019-11-08 20:25 - 2019-11-08 20:25 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\RadeonInstaller
2019-11-08 20:25 - 2019-11-08 20:25 - 000000000 ____D C:\ProgramData\AMD
2019-11-08 20:25 - 2019-11-08 20:25 - 000000000 ____D C:\AMD
2019-11-08 20:21 - 2019-11-08 20:21 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-11-07 17:29 - 2019-11-07 17:29 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2019-11-07 17:29 - 2019-11-07 17:29 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2019-11-07 17:28 - 2019-12-17 18:27 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2019-11-07 17:28 - 2019-11-07 17:29 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2019-11-07 17:26 - 2019-11-10 09:14 - 000000000 ____D C:\ProgramData\Intel
2019-11-07 17:26 - 2019-11-07 17:26 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Intel
2019-11-07 17:26 - 2019-08-16 14:29 - 000041816 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2019-11-07 17:25 - 2019-11-08 20:49 - 006486608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2019-11-07 17:25 - 2019-11-08 20:49 - 003762704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2019-11-07 17:25 - 2019-11-08 20:49 - 003319520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2019-11-07 17:25 - 2019-11-08 20:49 - 000193088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2019-11-07 17:25 - 2019-11-08 20:49 - 000023800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2019-11-07 17:25 - 2019-11-08 20:49 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-11-07 17:25 - 2019-11-08 20:49 - 000000000 ____D C:\Windows\system32\RTCOM
2019-11-07 17:25 - 2019-11-07 17:26 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-11-07 17:25 - 2019-11-07 17:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-07 17:25 - 2019-11-07 17:25 - 000000000 ____D C:\Program Files\Realtek
2019-11-07 17:25 - 2019-11-07 17:25 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-11-07 17:25 - 2018-02-10 12:12 - 003295064 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2019-11-07 17:25 - 2018-02-10 12:12 - 002050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2019-11-07 17:25 - 2018-02-10 12:12 - 001976816 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2019-11-07 17:25 - 2018-02-10 12:12 - 001743336 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2019-11-07 17:25 - 2018-02-10 12:12 - 000410024 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2019-11-07 17:25 - 2018-02-10 12:12 - 000330552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2019-11-07 17:25 - 2018-02-10 12:12 - 000041088 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2019-11-07 17:25 - 2018-02-10 12:11 - 002839520 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2019-11-07 17:25 - 2018-02-10 12:11 - 000574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2019-11-07 17:25 - 2018-02-10 12:11 - 000118584 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2019-11-07 17:24 - 2019-11-11 09:37 - 000000000 ____D C:\ProgramData\Packages
2019-11-07 17:24 - 2019-11-09 22:30 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Comms
2019-11-07 17:23 - 2019-11-07 17:23 - 000000000 ____D C:\Users\Administrator_1\Intel
2019-11-07 17:22 - 2019-12-17 18:27 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-07 17:19 - 2019-11-25 09:47 - 000000000 ___RD C:\Users\Administrator_1\OneDrive
2019-11-07 17:19 - 2019-11-14 16:52 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\PlaceholderTileLogoFolder
2019-11-07 17:18 - 2019-11-07 17:18 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-11-07 17:17 - 2020-01-03 22:10 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Packages
2019-11-07 17:17 - 2019-11-15 18:32 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\Adobe
2019-11-07 17:17 - 2019-11-13 16:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-07 17:17 - 2019-11-13 16:42 - 000000000 ___RD C:\Users\Administrator_1\3D Objects
2019-11-07 17:17 - 2019-11-10 08:45 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\ConnectedDevicesPlatform
2019-11-07 17:17 - 2019-11-08 20:23 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\Publishers
2019-11-07 17:17 - 2019-11-07 17:23 - 000000000 __SHD C:\Users\Administrator_1\IntelGraphicsProfiles
2019-11-07 17:17 - 2019-11-07 17:17 - 000000000 ___HD C:\Users\Administrator_1\MicrosoftEdgeBackups
2019-11-07 17:17 - 2019-11-07 17:17 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\VirtualStore
2019-11-07 17:17 - 2019-11-07 17:17 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\MicrosoftEdge
2019-11-07 17:16 - 2020-01-07 10:18 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-11-07 17:16 - 2020-01-04 12:15 - 000000000 ____D C:\Users\Administrator_1
2019-11-07 17:16 - 2019-12-17 18:27 - 000000000 ____D C:\Program Files (x86)\Intel
2019-11-07 17:16 - 2019-11-14 19:43 - 001606170 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-07 17:16 - 2019-11-07 17:28 - 000000000 ____D C:\Program Files\Intel
2019-11-07 17:16 - 2019-11-07 17:16 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2019-11-07 17:16 - 2019-11-07 17:16 - 000000020 ___SH C:\Users\Administrator_1\ntuser.ini
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Soubory cookie
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Šablony
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Poslední
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Okolní tiskárny
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Okolní síť
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Nabídka Start
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Dokumenty
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Documents\Obrázky
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Documents\Hudba
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Documents\Filmy
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\Data aplikací
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _SHDL C:\Users\Administrator_1\AppData\Local\Data aplikací
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 ____D C:\Intel
2019-11-07 17:16 - 2019-11-07 17:16 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2019-11-07 17:13 - 2019-11-07 17:13 - 000000000 ____D C:\Windows\CSC
2019-11-07 17:13 - 2019-11-07 17:13 - 000000000 ____D C:\ProgramData\USOShared
2019-11-07 17:13 - 2019-09-09 18:48 - 002874368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Šablony
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Poslední
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Šablony
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Poslední
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\ProgramData\Šablony
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\ProgramData\Plocha
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 _SHDL C:\Documents and Settings
2019-11-07 17:11 - 2019-11-07 17:11 - 000000000 ____D C:\Windows\minidump
2019-11-07 17:09 - 2020-01-07 10:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-07 17:09 - 2020-01-05 12:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-07 17:09 - 2019-11-13 16:41 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-07 17:09 - 2019-11-10 09:34 - 000000000 ____D C:\Windows\Panther
2019-11-07 17:09 - 2019-11-08 20:24 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-11-07 17:09 - 2019-11-07 17:09 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-11-07 17:09 - 2019-11-07 17:09 - 000000000 ____D C:\Windows\ServiceProfiles
2019-11-04 16:29 - 2020-01-03 22:07 - 003916504 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 003518168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 001714384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000761560 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-11-04 16:29 - 2020-01-03 22:07 - 000574888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000493784 _____ C:\Windows\system32\dgtrayicon.exe
2019-11-04 16:29 - 2020-01-03 22:07 - 000485800 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000481192 _____ C:\Windows\system32\GameManager64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000440536 _____ C:\Windows\system32\atieah64.exe
2019-11-04 16:29 - 2020-01-03 22:07 - 000382376 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000352984 _____ C:\Windows\SysWOW64\atieah32.exe
2019-11-04 16:29 - 2020-01-03 22:07 - 000349400 _____ C:\Windows\system32\clinfo.exe
2019-11-04 16:29 - 2020-01-03 22:07 - 000242904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000214744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000184768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000179376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000163752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000153504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000139176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000135384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000126168 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000124632 _____ C:\Windows\system32\atidxx64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000107736 _____ C:\Windows\SysWOW64\atidxx32.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000070872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000047552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-11-04 16:29 - 2020-01-03 22:07 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-11-04 16:29 - 2019-11-04 16:29 - 000417704 _____ C:\Windows\system32\EEURestart.exe
2019-11-04 16:29 - 2019-11-04 16:29 - 000091560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2019-11-04 16:29 - 2019-11-04 16:29 - 000076200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 059441064 _____ C:\Windows\system32\amdcomgr64.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 049336744 _____ C:\Windows\SysWOW64\amdcomgr.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000473512 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000382368 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000121560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-11-04 16:28 - 2020-01-03 22:07 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-11-04 12:28 - 2020-01-03 22:07 - 000554696 _____ C:\Windows\system32\amdmiracast.dll
2019-11-04 12:28 - 2020-01-03 22:07 - 000135664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-11-04 12:28 - 2020-01-03 22:07 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-11-04 12:28 - 2020-01-03 22:07 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-11-04 12:28 - 2020-01-03 22:07 - 000120064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-11-04 12:28 - 2020-01-03 22:07 - 000108560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-11-04 12:28 - 2020-01-03 22:07 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-11-04 12:28 - 2019-11-04 12:28 - 001686832 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2019-11-04 12:28 - 2019-11-04 12:28 - 001366192 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2019-11-01 21:12 - 2020-01-03 22:07 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-11-01 21:12 - 2020-01-03 22:07 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-11-01 21:09 - 2020-01-03 22:07 - 000555880 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-11-01 21:09 - 2020-01-03 22:07 - 000555880 _____ C:\Windows\system32\atiapfxx.blb
2019-11-01 21:09 - 2019-11-01 21:09 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2019-11-01 21:09 - 2019-11-01 21:09 - 000204952 _____ C:\Windows\system32\ativvsvl.dat
2019-11-01 21:09 - 2019-11-01 21:09 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2019-11-01 21:09 - 2019-11-01 21:09 - 000157144 _____ C:\Windows\system32\ativvsva.dat
2019-11-01 16:26 - 2019-11-01 16:26 - 000174768 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2019-11-01 16:26 - 2019-11-01 16:26 - 000146440 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-07 10:18 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-06 16:50 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-01-05 11:11 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-01-03 22:37 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-01-03 22:10 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2019-12-18 09:35 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports

==================== Files in the root of some directories ========

2019-11-10 10:10 - 2019-11-10 10:10 - 000000000 _____ () C:\Users\Administrator_1\AppData\Local\oobelibMkey.log

==================== SigCheckExt =========================

2019-11-10 10:38 - 2014-05-25 01:36 - 000015360 _____ C:\Windows\system32\SppExtComObjHook.dll
2019-11-10 10:38 - 2014-05-25 01:36 - 000004608 _____ C:\Windows\system32\SppExtComObjPatcher.exe
2020-01-03 23:20 - 2020-01-03 23:20 - 002272256 _____ (Farbar) C:\Users\Administrator_1\Downloads\FRST64.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{589f7e76-0178-11ea-9884-92b17b4f78c6}
{589f7e77-0178-11ea-9884-92b17b4f78c6}
{589f7e78-0178-11ea-9884-92b17b4f78c6}
timeout 1

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {589f7e7b-0178-11ea-9884-92b17b4f78c6}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {589f7e76-0178-11ea-9884-92b17b4f78c6}
description Hard Drive

Firmware Application (101fffff)
-------------------------------
identifier {589f7e77-0178-11ea-9884-92b17b4f78c6}
description CD/DVD Drive

Firmware Application (101fffff)
-------------------------------
identifier {589f7e78-0178-11ea-9884-92b17b4f78c6}
description UEFI: Built-in EFI Shell

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {589f7e7d-0178-11ea-9884-92b17b4f78c6}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {589f7e7b-0178-11ea-9884-92b17b4f78c6}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {589f7e7d-0178-11ea-9884-92b17b4f78c6}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{589f7e7e-0178-11ea-9884-92b17b4f78c6}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale cs-cz
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{589f7e7e-0178-11ea-9884-92b17b4f78c6}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {589f7e7b-0178-11ea-9884-92b17b4f78c6}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {589f7e7d-0178-11ea-9884-92b17b4f78c6}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostika pam�ti syst�mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {589f7e7e-0178-11ea-9884-92b17b4f78c6}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== End of FRST.txt ========================

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 07 led 2020 12:50
od zuznay
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Administrator_1 (07-01-2020 10:24:07)
Running from C:\Users\Administrator_1\Downloads
Windows 10 Pro Version 1903 18362.476 (X64) (2019-11-07 16:11:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3107723246-2406789225-4189533835-500 - Administrator - Disabled)
Administrator_1 (S-1-5-21-3107723246-2406789225-4189533835-1001 - Administrator - Enabled) => C:\Users\Administrator_1
DefaultAccount (S-1-5-21-3107723246-2406789225-4189533835-503 - Limited - Disabled)
Guest (S-1-5-21-3107723246-2406789225-4189533835-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3107723246-2406789225-4189533835-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.11.1 - Advanced Micro Devices, Inc.)
Blender (HKLM\...\{053A73FE-DBF8-4674-8EC0-63BD07615695}) (Version: 2.81.0 - Blender Foundation)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Discord (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
ESET Security (HKLM\...\{6D46484B-0BE2-4060-9CD3-FA87ED960ED9}) (Version: 13.0.22.0 - ESET, spol. s r.o.)
Fliqlo Screen Saver (HKLM-x32\...\Fliqlo) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{3EAAD5EA-1D87-442D-8426-FD4FCE62119D}) (Version: 19.12.50.5 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{8d174f37-ea1a-4e4d-be82-c10521a3c687}) (Version: 19.12.50.5 - Intel)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.12.31 - Meltytech, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.38-2 - Wacom Technology Corp.)
WhatsApp (HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\...\WhatsApp) (Version: 0.3.9309 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-09] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0 [2019-11-14] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3107723246-2406789225-4189533835-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\DOWNLOADS\mbshlext.dll [2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\DOWNLOADS\mbshlext.dll [2020-01-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-01-08 13:03 - 2019-01-08 13:03 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001635840 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-11-01 16:17 - 2019-11-01 16:17 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-11-10 09:13 - 000001027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3107723246-2406789225-4189533835-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BEA8971F-4348-4097-A4E6-C2D374CE5453}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{2932C2DA-C11C-48FA-A594-53B7C07CD5EC}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{7D51C0D3-ED06-402D-A412-DFC5B7D7E380}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{44C8B0D6-2A80-438C-A095-764C06143960}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{69022073-09EA-425B-8A0F-D8DF03AA7F9F}] => (Allow) D:\GAMES\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{14E84FB4-5244-4B5C-A684-8575BF4E29F8}] => (Allow) D:\GAMES\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B8015009-FBB5-48C0-B90B-9C6056A9F3C0}] => (Allow) D:\GAMES\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9E79A587-E435-4730-9079-300612625853}] => (Allow) D:\GAMES\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D3743C60-74CC-4627-AD9B-1CB3D10650B0}] => (Allow) C:\Users\Administrator_1\Downloads\utorrent_2.2.1_build_25302\utorrent_2.2.1_build_25302.exe No File
FirewallRules: [{F4097D76-C5FC-48D0-909E-9C89D140C87B}] => (Allow) C:\Users\Administrator_1\Downloads\utorrent_2.2.1_build_25302\utorrent_2.2.1_build_25302.exe No File
FirewallRules: [{DD165D38-A7F4-4DCB-9555-41A3AC6F5BA3}] => (Block) D:\Program Files (x86)\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{2761FBDA-FE86-4E12-8336-A641CDCEF910}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CC 2019\Support Files\Contents\Windows\Illustrator.exe No File
FirewallRules: [{6BA67EAE-72AD-4E4B-898C-7A8999856173}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe No File
FirewallRules: [{01D403B0-5DF0-4621-8385-61723F229EF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{465D28A6-6125-457E-BEB2-680B888AB3C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1374DA3B-5772-4999-852E-59B8253E5794}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEF4C9ED-E51E-4FB7-9C00-B5DC55C18312}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6865B00A-50E9-41F8-86EE-120DAEE5C7EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FCD8688-125E-4E52-847C-67CD84B47113}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{23072AEE-349B-41F2-A711-AE266496D0CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F92094B9-6D3F-4737-A1F3-42443C90D70C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{154F3B07-08B0-4D4E-9BEA-49B641B4C554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A04EB78-0ABF-40ED-803A-06AF470B0D48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26A7B0EA-BB29-4B4F-A51C-0D3A98730E1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F72930E-10F3-48E2-A359-95D47440F77B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{25173E95-F86D-497E-BA89-429159E9988D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4248D5DA-F1CA-442A-873E-E1F688A0A092}] => (Allow) D:\GAMES\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6BF8CF45-90BC-4AF7-9594-108CB35FEEDD}] => (Allow) D:\GAMES\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7CC0F04C-2F39-42F1-8DCB-58A865C35D93}] => (Allow) D:\GAMES\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{EAFC5118-5D48-440F-A2AD-A9C401F478A9}] => (Allow) D:\GAMES\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [TCP Query User{99DAAFF6-6F32-4898-B546-D18117AE958A}D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{D71F8322-F3AE-47DD-B873-0F2409AE8CC7}D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{A5F7B18B-5056-452A-B9E8-3AD2BAD65E38}] => (Allow) C:\Users\Administrator_1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3C60ACFB-9B41-45F9-8570-930687CC95B1}] => (Allow) C:\Users\Administrator_1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1A9A8A13-309C-4070-AAEA-19D120BB4332}] => (Allow) D:\DOWNLOADS\Resolve.exe No File
FirewallRules: [{907E4839-A695-4C3C-9620-9C284049D2EC}] => (Allow) D:\DOWNLOADS\bmdpaneld.exe No File
FirewallRules: [{D733B642-DD0A-4222-AAD6-C463FFF6C7D6}] => (Allow) D:\DOWNLOADS\DaVinciPanelDaemon.exe No File
FirewallRules: [{A59BB4AB-9EF7-496F-9397-781459757DC2}] => (Allow) D:\DOWNLOADS\JLCooperPanelDaemon.exe No File
FirewallRules: [{DF041387-0E0F-4F9D-AEBD-ED6AF6DCFFB9}] => (Allow) D:\DOWNLOADS\EuphonixPanelDaemon.exe No File
FirewallRules: [{A56ED8D3-A812-49CD-BA73-EFC66FB4B5E7}] => (Allow) D:\DOWNLOADS\TangentPanelDaemon.exe No File
FirewallRules: [{C880C5E5-C1D5-47CB-B8F4-89B96D371F2F}] => (Allow) D:\DOWNLOADS\ElementsPanelDaemon.exe No File
FirewallRules: [{987816E5-C7D7-4B15-B4B1-7172396BDBD6}] => (Allow) D:\DOWNLOADS\OxygenPanelDaemon.exe No File
FirewallRules: [{81F928CC-9421-4A1F-BCDF-2938D6E84E00}] => (Allow) D:\DOWNLOADS\DPDecoder.exe No File
FirewallRules: [{9D9B080B-C4DF-4923-9BCA-5B97205EAAA9}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{FC4824E7-FCB9-4A3E-916E-5CB3EF07DF5B}D:\downloads\dpdecoder.exe] => (Allow) D:\downloads\dpdecoder.exe No File
FirewallRules: [UDP Query User{FC1E8E99-1539-46D5-AC2C-213009F35550}D:\downloads\dpdecoder.exe] => (Allow) D:\downloads\dpdecoder.exe No File
FirewallRules: [TCP Query User{B7198C97-9007-4573-B2D3-829819DC3EC5}D:\downloads\resolve.exe] => (Allow) D:\downloads\resolve.exe No File
FirewallRules: [UDP Query User{8E8C7AB8-F6C2-468F-B9E7-39622A7ED57F}D:\downloads\resolve.exe] => (Allow) D:\downloads\resolve.exe No File
FirewallRules: [TCP Query User{59D105B0-C157-41DB-A8E1-F8074258C5B6}D:\downloads\fuscript.exe] => (Allow) D:\downloads\fuscript.exe No File
FirewallRules: [UDP Query User{BCE593AB-1256-4A22-886F-900BD8E2BA94}D:\downloads\fuscript.exe] => (Allow) D:\downloads\fuscript.exe No File
FirewallRules: [TCP Query User{D8F1E589-A345-4EBC-B066-496E1AC20039}D:\downloads\davincipaneldaemon.exe] => (Allow) D:\downloads\davincipaneldaemon.exe No File
FirewallRules: [UDP Query User{AC835C89-EB4C-4028-8C2E-C4FF2003138A}D:\downloads\davincipaneldaemon.exe] => (Allow) D:\downloads\davincipaneldaemon.exe No File
FirewallRules: [{AE6A2CFE-C454-471B-A844-39B7E3AB2484}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B754B64E-4BAC-4FC7-BBB1-B901A45A1EAA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

==================== Restore Points =========================

17-12-2019 18:27:17 Intel® Driver & Support Assistant
02-01-2020 19:14:10 Scheduled Checkpoint
03-01-2020 22:06:35 Driver Booster : Radeon RX 580 Series

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/07/2020 10:24:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1783, time stamp: 0x5dbc92d7
Faulting module name: igdrcl64.dll, version: 20.19.15.4531, time stamp: 0x57ed260c
Exception code: 0xc0000005
Fault offset: 0x000000000007a74a
Faulting process ID: 0x2554
Faulting application start time: 0x01d5c53b7e35e3a9
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: C:\Windows\SYSTEM32\igdrcl64.dll
Report ID: 4661492d-9a99-4eee-9f2d-58b0bb1aff35
Faulting package full name:
Faulting package-relative application ID:

Error: (01/07/2020 10:22:41 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-2LUJDH2)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (01/05/2020 09:36:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1783, time stamp: 0x5dbc92d7
Faulting module name: igdrcl64.dll, version: 20.19.15.4531, time stamp: 0x57ed260c
Exception code: 0xc0000005
Fault offset: 0x000000000007a74a
Faulting process ID: 0x20a0
Faulting application start time: 0x01d5c40718813f76
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: C:\Windows\SYSTEM32\igdrcl64.dll
Report ID: f162c806-0118-4f18-ae7d-f91445bcaac6
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2020 09:35:03 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-2LUJDH2)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (01/05/2020 09:33:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Photoshop.exe, version: 16.0.0.88, time stamp: 0x55681d39
Faulting module name: igdrcl64.dll, version: 20.19.15.4531, time stamp: 0x57ed260c
Exception code: 0xc0000005
Fault offset: 0x000000000007a74a
Faulting process ID: 0x974
Faulting application start time: 0x01d5c4076aec92c7
Faulting application path: D:\Program Files (x86)\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
Faulting module path: C:\Windows\SYSTEM32\igdrcl64.dll
Report ID: 458fb126-ef46-4a2c-86c3-bbad13b2c7dc
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2020 09:27:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1783, time stamp: 0x5dbc92d7
Faulting module name: igdrcl64.dll, version: 20.19.15.4531, time stamp: 0x57ed260c
Exception code: 0xc0000005
Fault offset: 0x000000000007a74a
Faulting process ID: 0x20e8
Faulting application start time: 0x01d5c405dba49e9a
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: C:\Windows\SYSTEM32\igdrcl64.dll
Report ID: c7d5664c-af0e-4b2d-ace0-253c2755d114
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2020 09:26:14 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-2LUJDH2)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (01/05/2020 09:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1783, time stamp: 0x5dbc92d7
Faulting module name: igdrcl64.dll, version: 20.19.15.4531, time stamp: 0x57ed260c
Exception code: 0xc0000005
Fault offset: 0x000000000007a74a
Faulting process ID: 0x2920
Faulting application start time: 0x01d5c4048b63daa0
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: C:\Windows\SYSTEM32\igdrcl64.dll
Report ID: 19c2984f-5e9a-45c5-ab5e-86944137f20f
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (01/07/2020 10:22:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/07/2020 10:22:43 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2LUJDH2)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/07/2020 10:20:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/07/2020 10:20:43 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/07/2020 10:18:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/07/2020 10:18:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ekrn service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/06/2020 04:48:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.

Error: (01/06/2020 04:48:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ekrn service failed to start due to the following error:
The system cannot find the file specified.


CodeIntegrity:
===================================

Date: 2020-01-07 10:23:54.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-07 10:23:53.619
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-07 10:23:25.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-07 10:23:24.492
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-07 10:23:24.479
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-07 10:22:10.530
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-07 10:22:10.512
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-07 10:22:09.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\DOWNLOADS\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.13 02/16/2016
Motherboard: MSI Z97 GAMING 5 (MS-7917)
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 30%
Total physical RAM: 16332.79 MB
Available physical RAM: 11279.68 MB
Total Virtual: 18764.79 MB
Available Virtual: 10080.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.72 GB) (Free:58.18 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:562.41 GB) NTFS
Drive e: () (Fixed) (Total:232.76 GB) (Free:232.61 GB) NTFS

\\?\Volume{b7fb99b9-1100-4786-a3c1-2f347de891e9}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{894b344b-121f-4822-bdf1-053ff1a2fc9c}\ () (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{75a7b41f-1f87-47b3-b471-fc809ab2b65b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 95C73D49)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B7B85CBD)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 07 led 2020 12:50
od zuznay
Users shortcut scan result (x64) Version: 28-12-2019
Ran by Administrator_1 (07-01-2020 10:24:46)
Running from C:\Users\Administrator_1\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Administrator_1\Links\Desktop.lnk -> C:\Users\Administrator_1\Desktop ()
Shortcut: C:\Users\Administrator_1\Links\Downloads.lnk -> C:\Users\Administrator_1\Downloads ()
Shortcut: C:\Users\Administrator_1\Desktop\Adobe Illustrator CC 2019.lnk -> C:\Program Files\Adobe\Adobe Illustrator CC 2019\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.)
Shortcut: C:\Users\Administrator_1\Desktop\ALENKA V ŘÍŠI CHAOSU - Shortcut.lnk -> D:\MEEP\ART\ALENKA V ŘÍŠI CHAOSU ()
Shortcut: C:\Users\Administrator_1\Desktop\ART.lnk -> D:\MEEP\ART ()
Shortcut: C:\Users\Administrator_1\Desktop\blender.lnk -> D:\DOWNLOADS\blender.exe (Blender Foundation)
Shortcut: C:\Users\Administrator_1\Desktop\CHAOS.lnk -> D:\CHAOS ()
Shortcut: C:\Users\Administrator_1\Desktop\MEEP.lnk -> D:\MEEP ()
Shortcut: C:\Users\Administrator_1\Desktop\PC.lnk -> D:\MEEP\OTHER\custom icons\Martz90-Hex-App-draw.ico ()
Shortcut: C:\Users\Administrator_1\Desktop\Photoshop.lnk -> D:\Program Files (x86)\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Administrator_1\Desktop\Shotcut.lnk -> D:\Program Files\Shotcut\shotcut.exe ()
Shortcut: C:\Users\Administrator_1\Desktop\Spotify.lnk -> D:\MEEP\OTHER\custom icons\Martz90-Hex-Spotify.ico ()
Shortcut: C:\Users\Administrator_1\Desktop\TATTOO.lnk -> D:\MEEP\ART\4. TATTOO ()
Shortcut: C:\Users\Administrator_1\Desktop\WhatsApp.lnk -> C:\Users\Administrator_1\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Administrator_1\Desktop\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\Desktop\µTorrent.lnk -> C:\Users\Administrator_1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Administrator_1\Desktop\Games\PUBG LITE.lnk -> D:\GAMES\PUBGLite\Launcher.exe (No File)
Shortcut: C:\Users\Administrator_1\Desktop\Games\The Witcher 3 - Wild Hunt.lnk -> D:\GOG Games\The Witcher 3 - Wild Hunt\bin\x64\witcher3.exe (CD Projekt Red)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Administrator_1\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co je nového v nejnovější verzi.lnk -> D:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuál konzolové verze RARu.lnk -> D:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Nápověda WinRARu.lnk -> D:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> D:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\Administrator_1\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender\blender.lnk -> D:\DOWNLOADS\blender.exe (Blender Foundation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\SendTo\Přenos souborů pomocí rozhraní Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> D:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Photoshop.lnk -> D:\Program Files (x86)\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ .lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk -> D:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2019.lnk -> C:\Program Files\Adobe\Adobe Illustrator CC 2019\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk -> D:\Program Files (x86)\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk -> D:\Program Files\Shotcut\shotcut.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co je nového v nejnovější verzi.lnk -> D:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuál konzolové verze RARu.lnk -> D:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Nápověda WinRARu.lnk -> D:\Program Files\WinRAR\winrar.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> D:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet\Wacom Desktop Center.lnk -> C:\Program Files\Tablet\Wacom\32\WacomDesktopCenter.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet\Wacom Tablet Properties.lnk -> C:\Program Files\Tablet\Wacom\Professional_CPL.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> D:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> D:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> D:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]\The Witcher 3 - Wild Hunt.lnk -> D:\GOG Games\The Witcher 3 - Wild Hunt\bin\x64\witcher3.exe (CD Projekt Red)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]\Uninstall The Witcher 3 - Wild Hunt.lnk -> D:\GOG Games\The Witcher 3 - Wild Hunt\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\GAMES\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office\Jazykové předvolby Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office\Protokol telemetrie pro Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office\Správce nahrávek Skypu pro firmy.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office\Řídicí panel telemetrie pro Office.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk -> D:\DOWNLOADS\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Settings (64bit).lnk -> D:\Program Files\Combined Community Codec Pack 64bit\CCCP-Settings.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Uninstall (64bit).lnk -> D:\Program Files\Combined Community Codec Pack 64bit\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Media Player Classic Home Cinema (64bit).lnk -> D:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk -> C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard\Run AMD Problem Report Wizard.lnk -> C:\Program Files\AMD\CIM\BIN64\amdprw.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> D:\DOWNLOADS\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> D:\GAMES\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\ .lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)


ShortcutWithArgument: C:\Users\Administrator_1\Desktop\Discord.lnk -> C:\Users\Administrator_1\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\Administrator_1\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Administrator_1\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAServiceHelper.exe (Intel) -> installstartup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> D:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office\Database Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office\Office Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office\Spreadsheet Compare.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk -> D:\DOWNLOADS\mbuns.exe (Malwarebytes) -> /uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Audio Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "D:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVAudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Splitter Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "D:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVSplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Video Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "D:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVVideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\VSFilter Configuration (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "D:\Program Files\Combined Community Codec Pack 64bit\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard\Uninstall AMD Problem Report Wizard.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E0700E6A-33AE-43C8-9FA0-D9B702EC446D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default User\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\Users\Administrator_1\Desktop\Games\PLAYERUNKNOWN'S BATTLEGROUNDS.url -> URL: steam://rungameid/578080
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt [GOG.com]\Documents\Support.url -> URL: hxxp://www.gog.com/support/the_witcher_3_wild_hunt
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Playback FAQ.url -> URL: hxxp://www.cccp-project.net/wiki/index.php?title=Main_Page
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Website.url -> URL: hxxp://www.cccp-project.net/

==================== End of Shortcut.txt =============================

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 07 led 2020 17:22
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
IFEO\osppsvc.exe: [Debugger] rundll32.exe KMS.dll,PatcherMain
URLSearchHook: [S-1-5-21-3107723246-2406789225-4189533835-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01072020101956492] ATTENTION => Default URLSearchHook is missing
ExportKey: HKLM\System\CurrentControlSet\Services\wuauserv
2019-11-10 10:38 - 2020-01-03 22:40 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-11-10 10:38 - 2014-05-25 01:36 - 000015360 _____ C:\Windows\system32\SppExtComObjHook.dll
2019-11-10 10:38 - 2014-05-25 01:36 - 000004608 _____ C:\Windows\system32\SppExtComObjPatcher.exe
2019-11-10 10:36 - 2019-11-10 10:43 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\MSfree Inc
2019-11-10 10:26 - 2019-11-10 10:26 - 000000000 ___HD C:\temp
2019-11-08 20:46 - 2020-01-05 11:07 - 000000000 ____D C:\Program Files (x86)\IObit
2019-11-08 20:46 - 2019-11-08 20:46 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\IObit
2019-11-08 20:29 - 2020-01-05 11:07 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\IObit
2019-11-08 20:29 - 2020-01-05 11:07 - 000000000 ____D C:\ProgramData\IObit
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

Hosts:
EmptyTemp:
End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie UTF-8
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 07 led 2020 19:50
od zuznay
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Administrator_1 (07-01-2020 19:46:55) Run:1
Running from C:\Users\Administrator_1\Downloads
Loaded Profiles: Administrator_1 (Available Profiles: Administrator_1)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
IFEO\osppsvc.exe: [Debugger] rundll32.exe KMS.dll,PatcherMain
URLSearchHook: [S-1-5-21-3107723246-2406789225-4189533835-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01072020101956492] ATTENTION => Default URLSearchHook is missing
ExportKey: HKLM\System\CurrentControlSet\Services\wuauserv
2019-11-10 10:38 - 2020-01-03 22:40 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-11-10 10:38 - 2014-05-25 01:36 - 000015360 _____ C:\Windows\system32\SppExtComObjHook.dll
2019-11-10 10:38 - 2014-05-25 01:36 - 000004608 _____ C:\Windows\system32\SppExtComObjPatcher.exe
2019-11-10 10:36 - 2019-11-10 10:43 - 000000000 ____D C:\Users\Administrator_1\AppData\Local\MSfree Inc
2019-11-10 10:26 - 2019-11-10 10:26 - 000000000 ___HD C:\temp
2019-11-08 20:46 - 2020-01-05 11:07 - 000000000 ____D C:\Program Files (x86)\IObit
2019-11-08 20:46 - 2019-11-08 20:46 - 000000000 ____D C:\Users\Administrator_1\AppData\LocalLow\IObit
2019-11-08 20:29 - 2020-01-05 11:07 - 000000000 ____D C:\Users\Administrator_1\AppData\Roaming\IObit
2019-11-08 20:29 - 2020-01-05 11:07 - 000000000 ____D C:\ProgramData\IObit
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Administrator_1\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 23
Average :
Sum : 2365121
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\osppsvc.exe => removed successfully
URLSearchHook: [S-1-5-21-3107723246-2406789225-4189533835-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01072020101956492] ATTENTION => Default URLSearchHook is missing => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): No automatic fix found for this entry.
================== ExportKey: ===================

[HKLM\System\CurrentControlSet\Services\wuauserv]
"Type"="32"
"Start"="3"
"ErrorControl"="1"
"ServiceSidType"="1"
"ImagePath"="C:\Windows\system32\svchost.exe -k netsvcs -p"
"ObjectName"="LocalSystem"
"DependOnService"="rpcss"
"RequiredPrivileges"="SeAuditPrivilege*SeCreateGlobalPrivilege*SeCreatePageFilePrivilege*SeTcbPrivilege*SeAssignPrimaryTokenPrivilege*SeImpersonatePrivilege*SeIncreaseQuotaPrivilege*SeShutdownPrivilege*SeDebugPrivilege*SeB (the data entry has 215 more characters)."

=== End of ExportKey ===
C:\ProgramData\KMSAutoS => moved successfully
C:\Windows\system32\SppExtComObjHook.dll => moved successfully
C:\Windows\system32\SppExtComObjPatcher.exe => moved successfully
C:\Users\Administrator_1\AppData\Local\MSfree Inc => moved successfully
C:\temp => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\Users\Administrator_1\AppData\LocalLow\IObit => moved successfully
C:\Users\Administrator_1\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
HKLM\Software\Classes\CLSID\{B089FE88-FB52-11D3-BDF1-0050DA34150D} => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
C:\Users\Administrator_1\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
C:\Users\Administrator_1\Data aplikací => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
"C:\Users\Administrator_1\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\Administrator_1\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1150973389 B
Java, Flash, Steam htmlcache => 382904156 B
Windows/system/drivers => 12061462 B
Edge => 15762997 B
Chrome => 693195328 B
Firefox => 42103083 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 334300 B
NetworkService => 340226 B
Administrator_1 => 100178509 B

RecycleBin => 7839358 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:49:37 ====

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 09 led 2020 17:03
od Conder
:arrow: Stiahni TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
  • Uloz na plochu a spusti ako spravca
  • Potvrd licencne podmienky
  • Klikni na Change parameters a zaskrtni "Loaded modules"
  • Potvrd restart PC
  • Po restartovani klikni na "Start Scan"
  • V pripade nalezu vyber u vsetkych nalezov "Skip" a klikni na "Continue"
  • Klikni na "Report" (vpravo hore) a tento log sem skopiruj

Re: Zmizel Antivirus, nelze znovu naisntalovat.

Napsal: 11 led 2020 09:46
od zuznay
Nic to nenašlo.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz