VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Patrik (administrator) on DESKTOP-A06A0AB (Dell Inc. OptiPlex 755) (10-02-2020 13:12:30)
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera_crashreporter.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-08-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2019-12-04] (Razer USA Ltd. -> Razer Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\RunOnce: [Uninstall 19.222.1110.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\RunOnce: [Uninstall 19.222.1110.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\19.222.1110.0006"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Boom3D.lnk [2019-09-29]
ShortcutTarget: Boom3D.lnk -> C:\Program Files\Global Delight\Boom 3D\Boom3D.exe (Global-Delight) [File not signed]
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-3089515713-514659430-4046908927-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09818C12-3AA7-422C-871A-713685B03170} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2676B256-8F94-4C7F-B94B-47037E28A460} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44E7F0EE-DDC2-4029-B500-D7C24FBBE73B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4702BCA9-CD0B-4E85-B7C6-6C0F7F7CE5BF} - System32\Tasks\Opera scheduled Autoupdate 1550408868 => C:\Users\Patrik\AppData\Local\Programs\Opera\launcher.exe [1532952 2020-02-05] (Opera Software AS -> Opera Software)
Task: {66066970-5E47-48E8-9905-7C0C02AE6D62} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D86C6F2-DD8B-4BBB-9135-735BAE15B790} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8395DC8D-10E3-4E79-AA52-14B5501D8245} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {867BA8BA-B0B1-418F-8970-132A0D932F29} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {884C764C-DE71-4631-AA19-C53D5DBDDA40} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe [1453624 2020-01-21] (Adobe Inc. -> Adobe)
Task: {AB18AB14-CC32-415B-ABCF-1F0A8C25D4F5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1A986AE-E6ED-4770-913F-0B76E56EAD98} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF427683-6BA9-43BE-AC47-0A7597F940C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E282A2D5-A867-42DF-B21C-324C3A1B4492} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 46.174.32.250 8.8.8.8
Tcpip\Parameters: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{04873148-17dc-4b98-a0a8-3ebd82d6dfc9}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{04873148-17dc-4b98-a0a8-3ebd82d6dfc9}: [DhcpNameServer] 46.174.32.250 8.8.8.8
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6bb4f047-2706-11e5-9bbe-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f4923159-067b-45e9-accc-7bd588789404}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f4923159-067b-45e9-accc-7bd588789404}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\Patrik\Downloads
Edge Notifications: HKU\S-1-5-21-3089515713-514659430-4046908927-1001 -> hxxps://notification-list.com; hxxps://notification-centar.com; hxxps://www3.premiumpushnotification.com; hxxps://ytmp3.cc

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)

Opera:
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Patrik\AppData\Roaming\Opera Software\Opera Stable\Extensions\lgboecahbmochmafbgmadmbbdelkgane [2019-08-17]
OPR Extension: (Google Access Offline) - C:\Users\Patrik\AppData\Roaming\Opera Software\Opera Stable\Extensions\mlapceggdhoiepjnbajcfdohpfofhlpd [2019-09-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2019-12-04] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\155f037ea35b2a993d885dd538c8638bd141cf3f\smrtsvc64.exe [6618464 2019-03-17] (Eikonect Software SL -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 GDPL_BOOM; C:\WINDOWS\system32\drivers\boomvad.sys [50504 2019-01-17] (WDKTestCert Adarsh,131897759775447238 -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 TKCtrl; C:\WINDOWS\system32\TKCtrl2k64.sys [147240 2018-01-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsAvM; C:\WINDOWS\system32\TKFsAv64.sys [198808 2018-03-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsFtM; C:\WINDOWS\system32\TKFsFt64.sys [28824 2018-03-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKPcFt; C:\WINDOWS\system32\TKPcFtCb64.sys [54504 2018-01-30] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgAc; C:\WINDOWS\system32\TKRgAc2k64.sys [115760 2018-01-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgFt; C:\WINDOWS\system32\TKRgFtXp64.sys [68848 2018-02-04] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKSP; C:\WINDOWS\system32\TKSPxp64.sys [80824 2018-01-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
U4 napagent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-10 13:10 - 2020-02-10 13:12 - 000030368 _____ C:\Users\Patrik\Desktop\Addition.txt
2020-02-10 13:07 - 2020-02-10 13:13 - 000018465 _____ C:\Users\Patrik\Desktop\FRST.txt
2020-02-10 13:07 - 2020-02-10 13:13 - 000000000 ____D C:\FRST
2020-02-10 13:04 - 2020-02-10 13:04 - 002279424 _____ (Farbar) C:\Users\Patrik\Desktop\FRST64.exe
2020-02-10 12:43 - 2020-02-10 12:43 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3089515713-514659430-4046908927-1001
2020-02-10 12:43 - 2020-02-10 12:43 - 000002364 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-08 22:35 - 2020-02-08 22:36 - 000000000 ____D C:\Users\Patrik\Downloads\Narcos 1. serie CZ
2020-02-08 22:34 - 2020-02-08 22:34 - 000034550 _____ C:\Users\Patrik\Desktop\[CzT]Narcos_1_serie_CZ_WebRip_.torrent
2020-02-07 09:47 - 2020-02-07 09:47 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550408868
2020-02-07 09:47 - 2020-02-07 09:47 - 000001402 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-02-05 15:19 - 2020-02-05 15:19 - 000000222 _____ C:\Users\Patrik\Desktop\DiRT Rally.url
2020-02-05 15:16 - 2020-02-05 15:16 - 000000000 ____D C:\Users\Patrik\Desktop\plocha
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{CA4E25F3-72C9-9E03-B16F-8012B188D943}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{C31212C6-45FC-975F-8458-DC1B84BF854A}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{971CD6B4-818E-C351-F69C-D24FF67B8B1E}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{929341F1-16CB-C6DE-B30B-5D4AB3EC041B}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{7E4D0B74-5C4E-2A00-3641-83A636A6DAF7}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{32D1BADE-EDE4-669C-9CF0-1FEA9C1746BB}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{23AFD8D6-8FEC-77E2-9492-61FB947538AA}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{1E2B2CFC-7BC6-4A66-BE66-E5C6BE81BC97}
2020-01-29 13:38 - 2020-01-29 13:38 - 000000000 ____D C:\Users\Patrik\AppData\Local\Razer
2020-01-29 13:37 - 2020-01-29 13:37 - 000001244 _____ C:\Users\Patrik\Desktop\Razer Cortex.lnk
2020-01-29 13:37 - 2020-01-29 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2020-01-29 13:36 - 2020-01-29 13:37 - 000000000 ____D C:\Program Files (x86)\Razer
2020-01-29 13:34 - 2020-01-29 13:39 - 000000000 ____D C:\ProgramData\Razer
2020-01-29 13:32 - 2020-01-29 13:32 - 004788560 _____ (Razer Inc.) C:\Users\Patrik\Downloads\RazerCortexInstaller.exe
2020-01-17 12:23 - 2020-01-17 12:23 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-17 12:23 - 2020-01-17 12:23 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-17 12:22 - 2020-01-17 12:23 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-17 12:22 - 2020-01-17 12:22 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-17 12:22 - 2020-01-17 12:22 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-17 12:22 - 2020-01-17 12:22 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-17 12:22 - 2020-01-17 12:22 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-17 12:22 - 2020-01-17 12:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-17 12:22 - 2020-01-17 12:22 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-17 12:22 - 2020-01-17 12:22 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-17 12:22 - 2020-01-17 12:22 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-17 12:22 - 2020-01-17 12:22 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-17 11:46 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-17 11:46 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-10 12:43 - 2019-02-17 13:32 - 000000000 ___RD C:\Users\Patrik\OneDrive
2020-02-10 12:41 - 2019-02-17 14:07 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-10 12:39 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-10 12:38 - 2019-11-01 20:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-10 12:38 - 2019-11-01 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-09 20:55 - 2019-02-18 19:18 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\TS3Client
2020-02-09 17:18 - 2019-02-17 14:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-02-09 17:05 - 2019-11-01 20:27 - 000276816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-09 00:52 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-08 23:51 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-08 23:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-08 20:43 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-05 15:31 - 2019-02-23 12:35 - 000000000 ____D C:\Users\Patrik\AppData\Local\PlaceholderTileLogoFolder
2020-02-05 15:19 - 2019-02-17 14:28 - 000000219 _____ C:\Users\Patrik\Desktop\Dota 2.url
2020-02-05 13:07 - 2019-09-26 16:46 - 000000000 ____D C:\Users\Patrik\AppData\Local\Discord
2020-02-05 13:06 - 2019-02-17 13:29 - 000000000 ____D C:\Users\Patrik\AppData\Local\Packages
2020-02-05 13:05 - 2019-07-24 18:49 - 000000000 ____D C:\Program Files (x86)\Naruto Shippuden Ultimate Ninja Storm Revolution
2020-02-01 12:27 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{E384B785-E0BF-B7C9-C7FD-4A3BC71A136A}
2020-02-01 12:27 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{46F2AB2E-FC14-12BF-6CE1-3C9E6C0665CF}
2020-02-01 12:27 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{405F7391-24AB-1412-D339-9198D3DEC8C9}
2020-02-01 12:27 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{1CF0E151-B66B-48BD-13AB-3EC4134C6795}
2020-01-29 13:49 - 2019-11-01 19:02 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-29 13:49 - 2019-03-17 11:51 - 000000000 ____D C:\Users\Patrik\AppData\Local\CrashDumps
2020-01-21 12:45 - 2019-11-01 20:58 - 000004626 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-21 12:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-21 12:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-21 10:57 - 2019-06-17 21:33 - 000002521 _____ C:\Users\Public\Desktop\Smart View.lnk
2020-01-17 12:39 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-17 12:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-17 12:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-17 12:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-17 12:36 - 2019-02-17 18:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-17 12:32 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-17 12:32 - 2019-02-17 18:43 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-17 12:22 - 2015-07-10 14:20 - 000410988 __RSH C:\bootmgr

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Patrik (10-02-2020 13:14:56)
Running from C:\Users\Patrik\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-11-01 19:59:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3089515713-514659430-4046908927-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3089515713-514659430-4046908927-503 - Limited - Disabled)
Guest (S-1-5-21-3089515713-514659430-4046908927-501 - Limited - Disabled)
Patrik (S-1-5-21-3089515713-514659430-4046908927-1001 - Administrator - Enabled) => C:\Users\Patrik
WDAGUtilityAccount (S-1-5-21-3089515713-514659430-4046908927-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.321 - Adobe)
Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boom 3D (HKLM\...\{482C5E31-E1D9-4069-9B76-30BEE9FB63B4}) (Version: 1.0.7 - Global Delight)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
iTunes (HKLM\...\{A39EE3D3-411E-472C-AF73-9D751E37A7EE}) (Version: 12.10.0.7 - Apple Inc.)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NativeDesktopMediaService (HKLM-x32\...\{4A91D8B3-712F-4815-B29B-E610008C4704}) (Version: 3.6.1 - Jetmedia) <==== ATTENTION
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Opera Stable 66.0.3515.72 (HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\Opera 66.0.3515.72) (Version: 66.0.3515.72 - Opera Software)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{2DB9CC90-24C4-4260-935D-511973B75707}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{DC327764-A1B1-4EF3-A07C-38741E3557E7}) (Version: 7.6 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.6.34.1043 - Razer Inc.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 2.1.0.2 - GOG.com)

Packages:
=========
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-09] (Nordcurrent)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-17] (Microsoft Corporation) [MS Ad]
OfficeSuite Personal Free -> C:\Program Files\WindowsApps\MobiSystems.OfficeSuitePersonalFree_3.90.29002.0_x86__8m57vzdwnbybp [2020-01-26] (Mobisystems)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-10-2020
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 13
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Multitimer
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Wow6432Node\Jetmedia
Deleted HKLM\Software\Wow6432Node\\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{04873148-17dc-4b98-a0a8-3ebd82d6dfc9}|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{04873148-17dc-4b98-a0a8-3ebd82d6dfc9}|NameServer - "95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "95.211.158.137"
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3015 octets] - [10/02/2020 13:19:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Ahoj

Poprosim o obidva nove logy z FRST (kedze boli vytvorene pred cistenim cez AdwCleaner a log Addition v prvom prispevku nie je cely)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-02-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-17-2020
# Duration: 00:00:30
# OS: Windows 10 Pro
# Scanned: 34851
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [3015 octets] - [10/02/2020 13:19:49]
AdwCleaner[C00].txt - [2969 octets] - [10/02/2020 13:20:03]
AdwCleaner[S01].txt - [1527 octets] - [17/02/2020 14:10:49]
AdwCleaner[S02].txt - [1588 octets] - [17/02/2020 14:12:59]
AdwCleaner[C02].txt - [1778 octets] - [17/02/2020 14:13:34]
AdwCleaner[S03].txt - [1710 octets] - [17/02/2020 14:27:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

FRST :


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2020
Ran by Patrik (administrator) on DESKTOP-A06A0AB (Dell Inc. OptiPlex 755) (17-02-2020 14:29:39)
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik)
Platform: Windows 10 Pro Version 1903 18362.657 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Patrik\AppData\Local\Programs\Opera\66.0.3515.72\opera_crashreporter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-08-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [RazerCortex] => "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\Run: [Chromium] => "c:\users\patrik\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Boom3D.lnk [2019-09-29]
ShortcutTarget: Boom3D.lnk -> C:\Program Files\Global Delight\Boom 3D\Boom3D.exe (Global-Delight) [File not signed]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-3089515713-514659430-4046908927-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09818C12-3AA7-422C-871A-713685B03170} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2676B256-8F94-4C7F-B94B-47037E28A460} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44E7F0EE-DDC2-4029-B500-D7C24FBBE73B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4702BCA9-CD0B-4E85-B7C6-6C0F7F7CE5BF} - System32\Tasks\Opera scheduled Autoupdate 1550408868 => C:\Users\Patrik\AppData\Local\Programs\Opera\launcher.exe [1532952 2020-02-05] (Opera Software AS -> Opera Software)
Task: {5E37703C-B6F3-4607-AE6E-D79B8D639934} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-11] (bookingDesktopApp.) [File not signed]
Task: {66066970-5E47-48E8-9905-7C0C02AE6D62} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D86C6F2-DD8B-4BBB-9135-735BAE15B790} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {70342D90-6385-4745-98F8-235B8144BE78} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-11] (bookingDesktopApp.) [File not signed]
Task: {8395DC8D-10E3-4E79-AA52-14B5501D8245} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {867BA8BA-B0B1-418F-8970-132A0D932F29} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {884C764C-DE71-4631-AA19-C53D5DBDDA40} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-17] (Adobe Inc. -> Adobe)
Task: {AB18AB14-CC32-415B-ABCF-1F0A8C25D4F5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1A986AE-E6ED-4770-913F-0B76E56EAD98} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF427683-6BA9-43BE-AC47-0A7597F940C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E282A2D5-A867-42DF-B21C-324C3A1B4492} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-17] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 46.174.32.250 8.8.8.8
Tcpip\..\Interfaces\{04873148-17dc-4b98-a0a8-3ebd82d6dfc9}: [DhcpNameServer] 46.174.32.250 8.8.8.8
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6bb4f047-2706-11e5-9bbe-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f4923159-067b-45e9-accc-7bd588789404}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f4923159-067b-45e9-accc-7bd588789404}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\Patrik\Downloads
Edge Notifications: HKU\S-1-5-21-3089515713-514659430-4046908927-1001 -> hxxps://notification-list.com; hxxps://notification-centar.com; hxxps://www3.premiumpushnotification.com; hxxps://ytmp3.cc

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-11] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-11] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-01] (Oracle America, Inc. -> Oracle Corporation)

Opera:
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Patrik\AppData\Roaming\Opera Software\Opera Stable\Extensions\lgboecahbmochmafbgmadmbbdelkgane [2019-08-17]
OPR Extension: (Google Access Offline) - C:\Users\Patrik\AppData\Roaming\Opera Software\Opera Stable\Extensions\mlapceggdhoiepjnbajcfdohpfofhlpd [2019-09-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-11] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-11] (bookingDesktopApp.) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\155f037ea35b2a993d885dd538c8638bd141cf3f\smrtsvc64.exe [6618464 2019-03-17] (Eikonect Software SL -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 GDPL_BOOM; C:\WINDOWS\system32\drivers\boomvad.sys [50504 2019-01-17] (WDKTestCert Adarsh,131897759775447238 -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 TKCtrl; C:\WINDOWS\system32\TKCtrl2k64.sys [147240 2018-01-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsAvM; C:\WINDOWS\system32\TKFsAv64.sys [198808 2018-03-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsFtM; C:\WINDOWS\system32\TKFsFt64.sys [28824 2018-03-07] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKPcFt; C:\WINDOWS\system32\TKPcFtCb64.sys [54504 2018-01-30] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgAc; C:\WINDOWS\system32\TKRgAc2k64.sys [115760 2018-01-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgFt; C:\WINDOWS\system32\TKRgFtXp64.sys [68848 2018-02-04] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKSP; C:\WINDOWS\system32\TKSPxp64.sys [80824 2018-01-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
U4 napagent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-17 14:29 - 2020-02-17 14:31 - 000017658 _____ C:\Users\Patrik\Desktop\FRST.txt
2020-02-17 14:29 - 2020-02-17 14:29 - 002279424 _____ (Farbar) C:\Users\Patrik\Desktop\FRST64 (1).exe
2020-02-17 14:29 - 2020-02-17 14:29 - 000000000 ____D C:\Users\Patrik\Desktop\FRST-OlderVersion
2020-02-17 14:18 - 2020-02-17 13:36 - 000410834 __RSH C:\bootmgr
2020-02-17 14:18 - 2020-02-03 21:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-17 14:18 - 2020-02-03 21:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-17 14:18 - 2019-03-19 05:44 - 000000001 ___SH C:\BOOTNXT
2020-02-17 14:14 - 2020-02-17 14:14 - 000000000 ____D C:\ProgramData\ssh
2020-02-17 14:11 - 2020-02-17 14:11 - 000001527 _____ C:\Users\Patrik\Desktop\ADW LOG.txt
2020-02-17 13:54 - 2020-02-17 13:54 - 000000043 _____ C:\Users\Patrik\AppData\Roaming\WB.CFG
2020-02-17 13:37 - 2020-02-17 13:37 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 019813376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 018026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 006284800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 005912064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-17 13:37 - 2020-02-17 13:37 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 003484672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-17 13:37 - 2020-02-17 13:37 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-02-17 13:37 - 2020-02-17 13:37 - 002493720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 002314952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-17 13:37 - 2020-02-17 13:37 - 001489064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000828216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2020-02-17 13:37 - 2020-02-17 13:37 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-02-17 13:37 - 2020-02-17 13:37 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-17 13:37 - 2020-02-17 13:37 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-17 13:37 - 2020-02-17 13:37 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2020-02-17 13:37 - 2020-02-17 13:37 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2020-02-17 13:37 - 2020-02-17 13:37 - 000138040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2020-02-17 13:37 - 2020-02-17 13:37 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-17 13:37 - 2020-02-17 13:37 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-02-17 13:37 - 2020-02-17 13:37 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 009929016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 006519752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 004856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 004575232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 004562896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 004348616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 003967888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 003792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 003550208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 003372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002988552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 002773776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002766088 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-02-17 13:36 - 2020-02-17 13:36 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002260176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002225160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002084576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 002032128 _____ C:\WINDOWS\system32\rdpnano.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001858560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001693184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001664680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001283592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-17 13:36 - 2020-02-17 13:36 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001218120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000928120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000875448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-17 13:36 - 2020-02-17 13:36 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-17 13:36 - 2020-02-17 13:36 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-02-17 13:36 - 2020-02-17 13:36 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-17 13:36 - 2020-02-17 13:36 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000106808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-02-17 13:36 - 2020-02-17 13:36 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000042512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-02-17 13:36 - 2020-02-17 13:36 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-02-17 13:36 - 2020-02-17 13:36 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-02-17 13:36 - 2020-02-17 13:36 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-17 13:35 - 2020-02-17 13:36 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 007905208 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 006167552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 004615376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 003969536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-17 13:35 - 2020-02-17 13:35 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-17 13:35 - 2020-02-17 13:35 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000459896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000128528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-02-17 13:35 - 2020-02-17 13:35 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-02-17 13:35 - 2020-02-17 13:35 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-02-17 13:35 - 2020-02-17 13:35 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-02-17 13:21 - 2020-01-16 06:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-02-17 13:21 - 2020-01-16 05:23 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-02-11 16:08 - 2020-02-11 16:08 - 000000000 ____D C:\ProgramData\ByteFence
2020-02-11 15:58 - 2020-02-11 15:58 - 000003548 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-02-11 15:58 - 2020-02-11 15:58 - 000003424 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-02-11 15:58 - 2020-02-11 15:58 - 000003264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2020-02-11 15:58 - 2020-02-11 15:58 - 000003252 _____ C:\Users\Public\Desktop\Booking.lnk
2020-02-11 15:58 - 2020-02-11 15:58 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2020-02-11 15:57 - 2020-02-11 15:58 - 000000000 ____D C:\Program Files (x86)\Booking
2020-02-11 15:56 - 2020-02-17 14:06 - 000000000 ____D C:\Users\Patrik\AppData\Local\chromium
2020-02-11 15:54 - 2020-02-17 14:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Kilitadah
2020-02-11 15:54 - 2020-02-11 15:54 - 000001396 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2020-02-11 15:54 - 2020-02-11 15:54 - 000000000 ____D C:\ProgramData\{C24EFE72-EA66-860A-B23E-AE225AD676FA}
2020-02-11 15:51 - 2020-02-11 15:51 - 003064600 _____ (Installer File ) C:\Users\Patrik\Desktop\outlook_express_1894727338.exe
2020-02-11 15:40 - 2020-02-11 15:40 - 000009062 _____ C:\Users\Patrik\Desktop\Smlouva.p7s
2020-02-10 13:32 - 2020-02-10 13:33 - 008356016 _____ (Malwarebytes) C:\Users\Patrik\Desktop\adwcleaner_8.0.2 (1).exe
2020-02-10 13:31 - 2020-02-10 13:31 - 000000270 __RSH C:\ProgramData\ntuser.pol
2020-02-10 13:18 - 2020-02-10 13:19 - 000000000 ____D C:\AdwCleaner
2020-02-10 13:18 - 2020-02-10 13:18 - 008356016 _____ (Malwarebytes) C:\Users\Patrik\Desktop\adwcleaner_8.0.2.exe
2020-02-10 13:07 - 2020-02-17 14:30 - 000000000 ____D C:\FRST
2020-02-10 12:43 - 2020-02-10 12:43 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3089515713-514659430-4046908927-1001
2020-02-10 12:43 - 2020-02-10 12:43 - 000002364 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-08 22:35 - 2020-02-08 22:36 - 000000000 ____D C:\Users\Patrik\Downloads\Narcos 1. serie CZ
2020-02-08 22:34 - 2020-02-08 22:34 - 000034550 _____ C:\Users\Patrik\Desktop\[CzT]Narcos_1_serie_CZ_WebRip_.torrent
2020-02-07 09:47 - 2020-02-07 09:47 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550408868
2020-02-07 09:47 - 2020-02-07 09:47 - 000001402 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-02-05 15:19 - 2020-02-05 15:19 - 000000222 _____ C:\Users\Patrik\Desktop\DiRT Rally.url
2020-02-05 15:16 - 2020-02-05 15:16 - 000000000 ____D C:\Users\Patrik\Desktop\plocha
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{CA4E25F3-72C9-9E03-B16F-8012B188D943}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{C31212C6-45FC-975F-8458-DC1B84BF854A}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{971CD6B4-818E-C351-F69C-D24FF67B8B1E}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{929341F1-16CB-C6DE-B30B-5D4AB3EC041B}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{7E4D0B74-5C4E-2A00-3641-83A636A6DAF7}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{32D1BADE-EDE4-669C-9CF0-1FEA9C1746BB}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{23AFD8D6-8FEC-77E2-9492-61FB947538AA}
2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ____D C:\ProgramData\{1E2B2CFC-7BC6-4A66-BE66-E5C6BE81BC97}
2020-01-29 13:38 - 2020-02-17 13:59 - 000000000 ____D C:\Users\Patrik\AppData\Local\Razer
2020-01-29 13:34 - 2020-02-17 14:00 - 000000000 ____D C:\ProgramData\Razer
2020-01-29 13:32 - 2020-01-29 13:32 - 004788560 _____ (Razer Inc.) C:\Users\Patrik\Downloads\RazerCortexInstaller.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-17 14:23 - 2019-11-01 20:45 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-17 14:23 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-17 14:23 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-17 14:23 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-17 14:19 - 2019-02-23 12:22 - 000000000 ___RD C:\Users\Patrik\3D Objects
2020-02-17 14:19 - 2019-02-17 13:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-17 14:18 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-17 14:18 - 2019-02-17 14:07 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-17 14:17 - 2019-11-01 20:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-17 14:17 - 2019-11-01 20:27 - 000276816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-17 14:15 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-17 14:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-17 14:14 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-02-17 13:50 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-17 13:47 - 2019-02-17 18:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-17 13:44 - 2019-02-17 18:43 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-17 13:41 - 2019-11-01 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-17 13:02 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-17 13:00 - 2019-11-01 20:58 - 000004626 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-02-17 13:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-17 13:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-11 15:59 - 2019-02-17 13:29 - 000000000 ____D C:\Users\Patrik\AppData\Local\Packages
2020-02-10 20:56 - 2019-02-17 14:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-02-10 13:29 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{E384B785-E0BF-B7C9-C7FD-4A3BC71A136A}
2020-02-10 13:29 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{46F2AB2E-FC14-12BF-6CE1-3C9E6C0665CF}
2020-02-10 13:29 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{405F7391-24AB-1412-D339-9198D3DEC8C9}
2020-02-10 13:29 - 2019-12-01 17:05 - 000000000 ____D C:\ProgramData\{1CF0E151-B66B-48BD-13AB-3EC4134C6795}
2020-02-10 13:29 - 2019-11-01 20:34 - 000000000 ____D C:\Users\Patrik
2020-02-10 12:43 - 2019-02-17 13:32 - 000000000 ___RD C:\Users\Patrik\OneDrive
2020-02-09 20:55 - 2019-02-18 19:18 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\TS3Client
2020-02-08 23:51 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-05 15:31 - 2019-02-23 12:35 - 000000000 ____D C:\Users\Patrik\AppData\Local\PlaceholderTileLogoFolder
2020-02-05 15:19 - 2019-02-17 14:28 - 000000219 _____ C:\Users\Patrik\Desktop\Dota 2.url
2020-02-05 13:07 - 2019-09-26 16:46 - 000000000 ____D C:\Users\Patrik\AppData\Local\Discord
2020-02-05 13:05 - 2019-07-24 18:49 - 000000000 ____D C:\Program Files (x86)\Naruto Shippuden Ultimate Ninja Storm Revolution
2020-01-29 13:49 - 2019-11-01 19:02 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-29 13:49 - 2019-03-17 11:51 - 000000000 ____D C:\Users\Patrik\AppData\Local\CrashDumps
2020-01-21 10:57 - 2019-06-17 21:33 - 000002521 _____ C:\Users\Public\Desktop\Smart View.lnk

==================== Files in the root of some directories ========

2020-02-17 13:54 - 2020-02-17 13:54 - 000000043 _____ () C:\Users\Patrik\AppData\Roaming\WB.CFG

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition :


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Ran by Patrik (17-02-2020 14:32:21)
Running from C:\Users\Patrik\Desktop
Windows 10 Pro Version 1903 18362.657 (X64) (2019-11-01 19:59:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3089515713-514659430-4046908927-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3089515713-514659430-4046908927-503 - Limited - Disabled)
Guest (S-1-5-21-3089515713-514659430-4046908927-501 - Limited - Disabled)
Patrik (S-1-5-21-3089515713-514659430-4046908927-1001 - Administrator - Enabled) => C:\Users\Patrik
WDAGUtilityAccount (S-1-5-21-3089515713-514659430-4046908927-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)
Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
Boom 3D (HKLM\...\{482C5E31-E1D9-4069-9B76-30BEE9FB63B4}) (Version: 1.0.7 - Global Delight)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
iTunes (HKLM\...\{A39EE3D3-411E-472C-AF73-9D751E37A7EE}) (Version: 12.10.0.7 - Apple Inc.)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NativeDesktopMediaService (HKLM-x32\...\{4A91D8B3-712F-4815-B29B-E610008C4704}) (Version: 3.6.1 - Jetmedia) <==== ATTENTION
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Opera Stable 66.0.3515.72 (HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\Opera 66.0.3515.72) (Version: 66.0.3515.72 - Opera Software)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{2DB9CC90-24C4-4260-935D-511973B75707}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{DC327764-A1B1-4EF3-A07C-38741E3557E7}) (Version: 7.6 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 2.1.0.2 - GOG.com)

Packages:
=========
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-09] (Nordcurrent)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-17] (Microsoft Corporation) [MS Ad]
OfficeSuite Personal Free -> C:\Program Files\WindowsApps\MobiSystems.OfficeSuitePersonalFree_3.90.29002.0_x86__8m57vzdwnbybp [2020-01-26] (Mobisystems)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-02-11 15:58 - 2020-02-11 15:58 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKFsAvM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKFsFtM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKPcFt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKRgAc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TKRgFt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKFsAvM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKFsFtM => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKPcFt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKRgAc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TKRgFt => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2020-02-17 14:04 - 000001116 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 sharefolder.online
127.0.0.1 telechargini.com
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrik\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wlppr2.jpg
DNS Servers: 46.174.32.250 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\StartupApproved\StartupFolder: => "Boom3D.lnk"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{372EE203-37DB-4969-8811-2247AD136432}] => (Allow) C:\WINDOWS\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A209924-5D90-4588-A536-76C91E4E7D56}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1BF1F89F-EF19-40EA-8356-246F2DD8D392}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{790A34BD-B986-4BA8-AF9C-4439B0A7C98B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5C181A32-5458-46D8-8C88-6C0A3E96137D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{62455529-4700-445D-8EC1-9C8022D9E964}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7748BFBA-1F78-4BD1-BFC2-057B4CB07122}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{4C8A11CD-38B7-45E7-AC0B-8B1BD69905CE}C:\gog games\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\gog games\pro evolution soccer 2016\pes2016.exe No File
FirewallRules: [TCP Query User{D50BEBBE-3025-4A79-9C40-8A231743FD1A}C:\gog games\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\gog games\pro evolution soccer 2016\pes2016.exe No File
FirewallRules: [{34320ACD-8914-4FF2-857F-BCA68C69E065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{012A637B-60AE-4819-9554-6BD2F7E566BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{527446E5-99C5-4F0A-8A4B-C02D588E9D33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A95515FE-127D-425A-B206-D724BDE39D3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{6955D432-C093-4381-BADA-23611DFF9907}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{A8573588-9CBE-4956-85AF-794757E7F898}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{8B440AD2-C942-4580-9262-F27395DC578A}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe No File
FirewallRules: [TCP Query User{B628C867-DCA1-44FA-96C5-F5C43F65ED67}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe No File
FirewallRules: [UDP Query User{5667E49F-104D-423F-B57E-429AC398F0C9}C:\gog games\wrc\wrc 4 fia world rally championship\wrc4.exe] => (Allow) C:\gog games\wrc\wrc 4 fia world rally championship\wrc4.exe No File
FirewallRules: [TCP Query User{5813190D-039C-4DF3-BE8D-38B5ADC772BE}C:\gog games\wrc\wrc 4 fia world rally championship\wrc4.exe] => (Allow) C:\gog games\wrc\wrc 4 fia world rally championship\wrc4.exe No File
FirewallRules: [UDP Query User{B7D31E18-C0A4-4B93-9766-DEBFA016074E}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe] => (Block) C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe No File
FirewallRules: [TCP Query User{CAC060E7-CE25-47DA-92C7-DA0E07C21DCF}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe] => (Block) C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe No File
FirewallRules: [UDP Query User{E2ACB458-2E79-48DF-9064-704584C1EF64}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe No File
FirewallRules: [TCP Query User{35F1CE31-8657-4688-AFE4-65CE4776DEFF}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe No File
FirewallRules: [UDP Query User{8A21F819-8D0A-400D-8825-5B3246C03C30}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe No File
FirewallRules: [TCP Query User{A63702CB-D6C4-4103-B587-11E262568C6C}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe No File
FirewallRules: [{12AA969A-9F95-416B-8BC6-606DF2ECE74E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55F17D57-D075-48BA-988B-C1714296979D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF4706E8-440D-4B5A-A752-0B7B84E7A6D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{F8715682-C6CC-4AB5-8D44-380855C87128}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{F5E0AE8F-1D55-47EA-8AB5-2A48094CD692}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{46D18E46-978C-467E-BCFD-00FC1301A712}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{30CCDDF1-E773-431D-BD58-045CD938E127}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6330FCE6-39E2-4281-9551-2D854D7F9C7E}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{26D4BF2C-ECA6-4A6A-B9D8-E68A952C26D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{6CBBF4E5-23AF-4D4A-A3E2-8A72C4D10803}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{8216CBC6-E994-4218-AFE3-DE1AF60EAB3F}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe No File
FirewallRules: [UDP Query User{BF35A70D-665D-4A11-94D2-3770672CD304}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe No File
FirewallRules: [{820ED433-FD8B-427F-99ED-0D050F1D20D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{264671C0-B881-4AB6-9E7D-191AB8840D61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{7345CF12-59BD-4EE5-9282-C9994A972252}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{681CDCB4-C07A-4BE5-A845-9A6166D3DD85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D8A5B1E-7B6C-45DC-875C-7562075CCF61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{C6FA9C2A-5C31-40F0-8C59-535E51A96B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [TCP Query User{762636F5-0F13-4A8A-B157-D32F8A3053D4}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe (Valve -> )
FirewallRules: [UDP Query User{C67A41BB-9199-42DB-8ED8-DEC6C3608F93}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe (Valve -> )
FirewallRules: [TCP Query User{A71AC93B-26C1-4913-B716-444F48B9A68F}C:\users\patrik\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\patrik\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [UDP Query User{65F800F5-A6E5-46B6-9054-997E5CDF1A47}C:\users\patrik\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\patrik\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [TCP Query User{FD8FB62E-6484-4064-8515-043C25246087}C:\program files (x86)\java\jre1.8.0_231\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\java.exe
FirewallRules: [UDP Query User{437E8DE9-D678-4E95-A46F-2E199FD5C53B}C:\program files (x86)\java\jre1.8.0_231\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\java.exe
FirewallRules: [{F33F5BB3-BB04-42C9-ACC9-09506489E3BD}] => (Allow) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{FC4463D6-10BF-4896-A8B3-443B792597C3}] => (Allow) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{043DA641-D1C2-4B0D-8BA2-7D361D23B041}] => (Allow) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{E7FCBF7A-F1E2-42EF-8CA2-9604A16FC3C2}] => (Allow) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [TCP Query User{2B744F00-67EB-42AA-B7C2-26DAD590EFF2}C:\users\patrik\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\patrik\appdata\local\programs\opera\65.0.3467.78\opera.exe No File
FirewallRules: [UDP Query User{03AA8A95-F880-486C-BDD7-3C01E364EED4}C:\users\patrik\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\patrik\appdata\local\programs\opera\65.0.3467.78\opera.exe No File
FirewallRules: [TCP Query User{FA7CF62A-9EF4-4BC9-81F0-49E9FE6A6520}C:\users\patrik\appdata\local\programs\opera\66.0.3515.36\opera.exe] => (Allow) C:\users\patrik\appdata\local\programs\opera\66.0.3515.36\opera.exe No File
FirewallRules: [UDP Query User{F364EC6F-1DDC-4EBC-B702-6631D4A6C6D6}C:\users\patrik\appdata\local\programs\opera\66.0.3515.36\opera.exe] => (Allow) C:\users\patrik\appdata\local\programs\opera\66.0.3515.36\opera.exe No File
FirewallRules: [TCP Query User{70F7D91C-B186-438B-B6A3-C0ECF1A62A86}C:\users\patrik\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\patrik\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{B13DC488-A2AD-457D-9ED2-306617815B04}C:\users\patrik\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\patrik\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

09-02-2020 00:37:20 Naplánovaný kontrolní bod
17-02-2020 13:20:29 Windows Update

==================== Faulty Device Manager Devices ============

Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/17/2020 02:29:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/17/2020 02:20:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Patrik\AppData\Local\chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/17/2020 02:15:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/17/2020 02:15:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/17/2020 02:02:05 PM) (Source: bookingDesktopApp Update) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (02/17/2020 01:11:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3908,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/17/2020 01:08:36 PM) (Source: bookingDesktopApp Update) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (02/17/2020 01:03:51 PM) (Source: bookingDesktopApp Update) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1


System errors:
=============
Error: (02/17/2020 02:28:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (02/17/2020 02:21:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/17/2020 02:13:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/17/2020 02:13:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/17/2020 02:13:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/17/2020 02:13:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (02/17/2020 02:13:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (02/17/2020 02:04:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 8krát.


CodeIntegrity:
===================================

Date: 2019-12-18 14:20:52.572
Description:
Windows blocked file \Device\HarddiskVolume1\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Memory info ===========================

BIOS: Dell Inc. A20 10/06/2011
Motherboard: Dell Inc. 0GM819
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Percentage of memory in use: 41%
Total physical RAM: 6013.61 MB
Available physical RAM: 3508.5 MB
Total Virtual: 6063.61 MB
Available Virtual: 3124.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.37 GB) (Free:78.08 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.8 GB) (Disk ID: C871D419)
Partition 1: (Active) - (Size=232.4 GB) - (Type=42)
Partition 2: (Not Active) - (Size=469 MB) - (Type=42)

==================== End of Addition.txt =======================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\WINDOWS\system32\TKCtrl2k64.sys
  File: C:\WINDOWS\system32\TKFsAv64.sys
  File: C:\WINDOWS\system32\TKFsFt64.sys
  File: C:\WINDOWS\system32\TKPcFtCb64.sys
  File: C:\WINDOWS\system32\TKRgAc2k64.sys
  File: C:\WINDOWS\system32\TKRgFtXp64.sys
  File: C:\WINDOWS\system32\TKSPxp64.sys
  Folder: C:\WINDOWS\system32\Tasks\Kilitadah
  Folder: C:\ProgramData\{C24EFE72-EA66-860A-B23E-AE225AD676FA}
  Folder: C:\ProgramData\{CA4E25F3-72C9-9E03-B16F-8012B188D943}
  Folder: C:\ProgramData\{E384B785-E0BF-B7C9-C7FD-4A3BC71A136A}
  
  CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
  CHR HKU\S-1-5-21-3089515713-514659430-4046908927-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
  S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
  U4 napagent; no ImagePath
  2020-02-11 16:08 - 2020-02-11 16:08 - 000000000 ____D C:\ProgramData\ByteFence
  2020-02-11 15:54 - 2020-02-17 14:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Kilitadah
  ContextMenuHandlers1: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
  ContextMenuHandlers6: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
  FirewallRules: [UDP Query User{8B440AD2-C942-4580-9262-F27395DC578A}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe No File
  FirewallRules: [TCP Query User{B628C867-DCA1-44FA-96C5-F5C43F65ED67}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe No File
  FirewallRules: [UDP Query User{B7D31E18-C0A4-4B93-9766-DEBFA016074E}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe] => (Block) C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe No File
  FirewallRules: [TCP Query User{CAC060E7-CE25-47DA-92C7-DA0E07C21DCF}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe] => (Block) C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe No File
  FirewallRules: [UDP Query User{E2ACB458-2E79-48DF-9064-704584C1EF64}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe No File
  FirewallRules: [TCP Query User{35F1CE31-8657-4688-AFE4-65CE4776DEFF}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe No File
  FirewallRules: [UDP Query User{8A21F819-8D0A-400D-8825-5B3246C03C30}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe No File
  FirewallRules: [TCP Query User{A63702CB-D6C4-4103-B587-11E262568C6C}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe No File
  FirewallRules: [TCP Query User{8216CBC6-E994-4218-AFE3-DE1AF60EAB3F}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe No File
  FirewallRules: [UDP Query User{BF35A70D-665D-4A11-94D2-3770672CD304}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Přikládám Fixlog :

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Ran by Patrik (18-02-2020 11:37:52) Run:1
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\system32\TKCtrl2k64.sys
File: C:\WINDOWS\system32\TKFsAv64.sys
File: C:\WINDOWS\system32\TKFsFt64.sys
File: C:\WINDOWS\system32\TKPcFtCb64.sys
File: C:\WINDOWS\system32\TKRgAc2k64.sys
File: C:\WINDOWS\system32\TKRgFtXp64.sys
File: C:\WINDOWS\system32\TKSPxp64.sys
Folder: C:\WINDOWS\system32\Tasks\Kilitadah
Folder: C:\ProgramData\{C24EFE72-EA66-860A-B23E-AE225AD676FA}
Folder: C:\ProgramData\{CA4E25F3-72C9-9E03-B16F-8012B188D943}
Folder: C:\ProgramData\{E384B785-E0BF-B7C9-C7FD-4A3BC71A136A}

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-3089515713-514659430-4046908927-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
U4 napagent; no ImagePath
2020-02-11 16:08 - 2020-02-11 16:08 - 000000000 ____D C:\ProgramData\ByteFence
2020-02-11 15:54 - 2020-02-17 14:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Kilitadah
ContextMenuHandlers1: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
ContextMenuHandlers6: [ixcShellExt] -> {A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => C:\Program Files (x86)\TACHYON\T5\ixShellExt6.dll -> No File
FirewallRules: [UDP Query User{8B440AD2-C942-4580-9262-F27395DC578A}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe No File
FirewallRules: [TCP Query User{B628C867-DCA1-44FA-96C5-F5C43F65ED67}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe No File
FirewallRules: [UDP Query User{B7D31E18-C0A4-4B93-9766-DEBFA016074E}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe] => (Block) C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe No File
FirewallRules: [TCP Query User{CAC060E7-CE25-47DA-92C7-DA0E07C21DCF}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe] => (Block) C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe No File
FirewallRules: [UDP Query User{E2ACB458-2E79-48DF-9064-704584C1EF64}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe No File
FirewallRules: [TCP Query User{35F1CE31-8657-4688-AFE4-65CE4776DEFF}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe No File
FirewallRules: [UDP Query User{8A21F819-8D0A-400D-8825-5B3246C03C30}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe No File
FirewallRules: [TCP Query User{A63702CB-D6C4-4103-B587-11E262568C6C}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe No File
FirewallRules: [TCP Query User{8216CBC6-E994-4218-AFE3-DE1AF60EAB3F}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe No File
FirewallRules: [UDP Query User{BF35A70D-665D-4A11-94D2-3770672CD304}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe] => (Allow) C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 35
Average :
Sum : 878483196
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\WINDOWS\system32\TKCtrl2k64.sys ========================

C:\WINDOWS\system32\TKCtrl2k64.sys
File is digitally signed
MD5: B76D55A00D95C8B4C5A4A141F8B0133F
Creation and modification date: 2018-01-29 11:40 - 2018-01-29 11:40
Size: 000147240
Attributes: ----A
Company Name: INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.
Internal Name: TKCtrl.sys
Original Name: TKCtrl.sys
Product: Tachyon Kernel Control Driver 1.0
Description: Tachyon Kernel Control Driver 1.0
File Version: 2016, 1, 27, 1
Product Version: 2016, 1, 27, 1
Copyright: Copyright (C) INCA Internet. 2000-2016
VirusTotal: https://www.virustotal.com/file/3b8de44 ... 573641317/

====== End of File: ======


========================= File: C:\WINDOWS\system32\TKFsAv64.sys ========================

C:\WINDOWS\system32\TKFsAv64.sys
File is digitally signed
MD5: F222681D5FCB98100826BA2A16DC5489
Creation and modification date: 2018-03-07 08:59 - 2018-03-07 08:59
Size: 000198808
Attributes: ----A
Company Name: INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.
Internal Name: TKFsAv
Original Name: TKFsAv.sys
Product: Tachyon Anti-Virus Driver 2.0
Description: Tachyon Anti-Virus Driver 2.0
File Version: 2017, 8, 2, 1
Product Version: 2017, 8, 2, 1
Copyright: Copyright (C) INCA Internet. 2000-2016
VirusTotal: https://www.virustotal.com/file/dbe23cb ... 581495093/

====== End of File: ======


========================= File: C:\WINDOWS\system32\TKFsFt64.sys ========================

C:\WINDOWS\system32\TKFsFt64.sys
File is digitally signed
MD5: 50EA573555A02CF3FD2DDA56DF907D89
Creation and modification date: 2018-03-07 08:59 - 2018-03-07 08:59
Size: 000028824
Attributes: ----A
Company Name: INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.
Internal Name: TKFsFt
Original Name: TKFsFt.sys
Product: Tachyon File System MiniFilter Driver 2.0
Description: Tachyon File System MiniFilter Driver 2.0
File Version: 2014, 7, 1, 1
Product Version: 2014, 7, 1, 1
Copyright: Copyright (C) INCA Internet. 2000-2014
VirusTotal: https://www.virustotal.com/file/d88c26d ... 562848244/

====== End of File: ======


========================= File: C:\WINDOWS\system32\TKPcFtCb64.sys ========================

C:\WINDOWS\system32\TKPcFtCb64.sys
File is digitally signed
MD5: FCE5766FF34AEE062F3B307A5BE5DC44
Creation and modification date: 2018-01-30 04:41 - 2018-01-30 04:41
Size: 000054504
Attributes: ----A
Company Name: INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.
Internal Name: TKPcFtCb
Original Name: TKPcFtCb.sys
Product: Tachyon Process Control Filter Driver 1.0
Description: Tachyon Process Control Filter Driver 1.0
File Version: 2017, 4, 12, 1
Product Version: 2017, 4, 12, 1
Copyright: Copyright (C) INCA Internet. 2000-2015
VirusTotal: https://www.virustotal.com/file/26bfb34 ... 544407764/

====== End of File: ======


========================= File: C:\WINDOWS\system32\TKRgAc2k64.sys ========================

C:\WINDOWS\system32\TKRgAc2k64.sys
File is digitally signed
MD5: 03BC4F28136DF99296D0D443573D5BA8
Creation and modification date: 2018-01-29 21:47 - 2018-01-29 21:47
Size: 000115760
Attributes: ----A
Company Name: INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.
Internal Name: TKRgAc2k.sys
Original Name: TKRgAc2k.sys
Product: Tachyon Registry Access Control Driver
Description: Tachyon Registry Access Control Driver
File Version: 2017, 4, 25, 1
Product Version: 2017, 4, 25, 1
Copyright: Copyright (C) INCA Internet. 2000-2015
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\system32\TKRgFtXp64.sys ========================

C:\WINDOWS\system32\TKRgFtXp64.sys
File is digitally signed
MD5: E3F72AA54D1BCF550925B4536FE0A0C3
Creation and modification date: 2018-02-04 15:50 - 2018-02-04 15:50
Size: 000068848
Attributes: ----A
Company Name: INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.
Internal Name: TKRgFtXp.sys
Original Name: TKRgFtXp.sys
Product: Tachyon Registry Filter Driver(XP Later)
Description: Tachyon Registry Filter Driver(XP Later)
File Version: 2018, 2, 5, 1
Product Version: 2018, 2, 5, 1
Copyright: Copyright (C) INCA Internet. 2000-2015
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\system32\TKSPxp64.sys ========================

C:\WINDOWS\system32\TKSPxp64.sys
File is digitally signed
MD5: 152651C32949B3515A13A6D4CF08218B
Creation and modification date: 2018-01-29 11:40 - 2018-01-29 11:40
Size: 000080824
Attributes: ----A
Company Name: INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.
Internal Name: tksp
Original Name: tkspxp.sys
Product: Tachyon Self-Protection Driver 1.0
Description: Tachyon Self-Protection Driver 1.0
File Version: 2015, 4, 23, 99
Product Version: 2015, 4, 23, 99
Copyright: Copyright (C) INCA Internet. 2000-2014
VirusTotal: 0

====== End of File: ======


========================= Folder: C:\WINDOWS\system32\Tasks\Kilitadah ========================


====== End of Folder: ======


========================= Folder: C:\ProgramData\{C24EFE72-EA66-860A-B23E-AE225AD676FA} ========================


====== End of Folder: ======


========================= Folder: C:\ProgramData\{CA4E25F3-72C9-9E03-B16F-8012B188D943} ========================

2020-02-01 12:28 - 2020-02-01 12:28 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\{CA4E25F3-72C9-9E03-B16F-8012B188D943}\BIT4E5.tmp

====== End of Folder: ======


========================= Folder: C:\ProgramData\{E384B785-E0BF-B7C9-C7FD-4A3BC71A136A} ========================


====== End of Folder: ======

HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-3089515713-514659430-4046908927-1001\SOFTWARE\Policies\Google => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz149 => removed successfully
cpuz149 => service removed successfully
"HKLM\System\CurrentControlSet\Services\napagent" => removed successfully
napagent => service removed successfully
C:\ProgramData\ByteFence => moved successfully
C:\WINDOWS\system32\Tasks\Kilitadah => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ixcShellExt => removed successfully
HKLM\Software\Classes\CLSID\{A7047D3E-09F3-11D4-8F6D-1081AD87DD41} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ixcShellExt => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8B440AD2-C942-4580-9262-F27395DC578A}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B628C867-DCA1-44FA-96C5-F5C43F65ED67}C:\users\patrik\appdata\local\temp\rarsfx4\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B7D31E18-C0A4-4B93-9766-DEBFA016074E}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CAC060E7-CE25-47DA-92C7-DA0E07C21DCF}C:\users\patrik\appdata\local\temp\rarsfx3\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E2ACB458-2E79-48DF-9064-704584C1EF64}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{35F1CE31-8657-4688-AFE4-65CE4776DEFF}C:\users\patrik\appdata\local\temp\rarsfx2\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8A21F819-8D0A-400D-8825-5B3246C03C30}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A63702CB-D6C4-4103-B587-11E262568C6C}C:\users\patrik\appdata\local\temp\rarsfx1\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8216CBC6-E994-4218-AFE3-DE1AF60EAB3F}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF35A70D-665D-4A11-94D2-3770672CD304}C:\users\patrik\appdata\local\temp\rarsfx0\utorrent.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12607488 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 134043096 B
Java, Flash, Steam htmlcache => 253737479 B
Windows/system/drivers => 123254 B
Edge => 1678481 B
Chrome => 0 B
Firefox => 0 B
Opera => 419207355 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11972 B
NetworkService => 11972 B
Patrik => 28198649 B

RecycleBin => 1029103 B
EmptyTemp: => 811.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:39:47 ====

No paráda teď mi ten fix odstranil všechny zapamatované hesla a já už se nedostanu na svuj icloud jelikož tento pc byl jediné důvěryhodné zařízení po ztrátě telefonu..

Cez FRST sa v prehliadacoch mazali iba cookies (teda aj aktivne prihlasenia), docasne subory, a podobne, co je bezna sucast cistenia (cookies maju obmedzenu platnost a skor ci neskor by vyprsali). Nemazali sa vsak ulozene hesla v prehliadaci. Ak teda spravne chapem, tak problem je v odhlaseni z iCloud alebo v niecom inom?

No problém je v tom, že mi ten fix odstranil muj PC z důvěryhodných zařízení pro můj icloud učet, tim pádem se už nedostanu na svuj Icloud učet protože mobil jsem ztratil a jiné přirazené zařízení jsem neměl ale to je už můj problém nějak to vyřeším .. jinak díky za kontroly

OK, nie je zaco. Situaciu bude potrebne vyriesit zrejme cez iforgot.apple.com alebo s technickou podporou Apple.