VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosím o pomoc -havěť v počítači

https://forum.viry.cz:443/viewtopic.php?t=156975

Stránka 1 z 1

prosím o pomoc -havěť v počítači

Napsal: 25 bře 2020 14:20
od tepan
Dobrý den,prosím o pomoc dostal jsem si do počítače havěť a nevím si s ní rady.Každých 10 sekund se mi otevírá prohlížeč ..Nainstaloval se mi tam nějaký autorun.Pomúžete prosím?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2020
Ran by Petr (administrator) on TEPAN (25-03-2020 14:12:53)
Running from C:\Users\Petr\OneDrive\Plocha
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

( ) [File not signed] C:\Users\Petr\AppData\Roaming\0sgrpnh1jka\2poblpnade1.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\0sgrpnh1jka\2poblpnade1.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\1xvxk5oaxjc\ijfrls1205p.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\bgzm4iwskkw\duipaerzdk4.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\fkjz0clqzd0\k4ewvio1ixn.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\guhnjsasnop\df1gvhfwcmb.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\hua3g5jspqp\fbdttxo2ony.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\kp2sppnsn4e\okces2xgmwo.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\roebq2yo44e\1ujsu5sdkee.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\slazzf0hwyy\5uq5c153eks.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\svgtrae1lyo\enyxwrbpjqe.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\u5kjpwx4uem\lij21d3baiw.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\wazc02ljnje\xnocnwjrdtv.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\zex0ayqozlp\ugojacugeij.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\zhkzsmjhuhk\y2njd0vwy5i.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\zrh5rve4epc\p2jjiklwdrb.exe
( ) [File not signed] C:\Users\Petr\AppData\Roaming\zzzitmxt0tz\ind1s4alfbl.exe
() [File not signed] C:\crtsession\savesinto.exe
() [File not signed] C:\Program Files (x86)\Toptes\756411398.exe
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-0FO7D.tmp\ind1s4alfbl.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-1V0SF.tmp\2poblpnade1.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-3NL71.tmp\ugojacugeij.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-3VMVM.tmp\enyxwrbpjqe.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-53BVL.tmp\fbdttxo2ony.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-6H997.tmp\2poblpnade1.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-79OGO.tmp\1ujsu5sdkee.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-8DM9J.tmp\df1gvhfwcmb.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-C3T1G.tmp\lij21d3baiw.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-DOF2J.tmp\duipaerzdk4.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-EP229.tmp\ijfrls1205p.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-J71C6.tmp\y2njd0vwy5i.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-OJ0CU.tmp\okces2xgmwo.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-PQ64L.tmp\xnocnwjrdtv.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-QSTLO.tmp\5uq5c153eks.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-UUMU1.tmp\p2jjiklwdrb.tmp
() [File not signed] C:\Users\Petr\AppData\Local\Temp\is-VPTP1.tmp\k4ewvio1ixn.tmp
(Adobe Systems, Inc.) [File not signed] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Adobe Systems, Inc.) [File not signed] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Adobe Systems, Inc.) [File not signed] C:\ProgramData\FlexGridService\FlexGridService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8516280 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\RunOnce: [xrwypnqjirp] => C:\Program Files (x86)\Toptes\756411398.exe [449024 2020-03-24] () [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3365840 2020-02-11] (Valve -> Valve Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [BingSvc] => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1579368 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [8379390] => C:\Users\Petr\AppData\Roaming\zex0ayqozlp\ugojacugeij.exe [530961 2020-03-24] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [74006] => C:\Users\Petr\AppData\Roaming\wazc02ljnje\xnocnwjrdtv.exe [530961 2020-03-24] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [6464745] => C:\Users\Petr\AppData\Roaming\zrh5rve4epc\p2jjiklwdrb.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [755346] => C:\Users\Petr\AppData\Roaming\hua3g5jspqp\fbdttxo2ony.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [7776513] => C:\Users\Petr\AppData\Roaming\u5kjpwx4uem\lij21d3baiw.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [5834772] => C:\Users\Petr\AppData\Roaming\1xvxk5oaxjc\ijfrls1205p.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [7972482] => C:\Users\Petr\AppData\Roaming\svgtrae1lyo\enyxwrbpjqe.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [9752404] => C:\Users\Petr\AppData\Roaming\kp2sppnsn4e\okces2xgmwo.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [7042694] => C:\Users\Petr\AppData\Roaming\roebq2yo44e\1ujsu5sdkee.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [2747811] => C:\Users\Petr\AppData\Roaming\slazzf0hwyy\5uq5c153eks.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [7074566] => C:\Users\Petr\AppData\Roaming\bgzm4iwskkw\duipaerzdk4.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [7357905] => C:\Users\Petr\AppData\Roaming\zzzitmxt0tz\ind1s4alfbl.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [8586506] => C:\Users\Petr\AppData\Roaming\zhkzsmjhuhk\y2njd0vwy5i.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [9529549] => C:\Users\Petr\AppData\Roaming\guhnjsasnop\df1gvhfwcmb.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [3727460] => C:\Users\Petr\AppData\Roaming\0sgrpnh1jka\2poblpnade1.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [3646570] => C:\Users\Petr\AppData\Roaming\fkjz0clqzd0\k4ewvio1ixn.exe [672144 2020-03-25] ( ) [File not signed]
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {34a2c2d5-ec5c-11e9-9cc8-40b0765e7062} - "D:\Launch.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9ab-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9de-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System.lnk [2020-03-25]
ShortcutTarget: System.lnk -> C:\crtsession\System.vbe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A48237D-5E77-4636-AD1B-5AC395A5068F} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [890248 2019-03-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1DDF55E8-F84E-4572-8628-BCFA063554C1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {21763369-161B-49CD-81F8-B2E43D79D759} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
Task: {4A3A2684-2E70-4DE4-B3E3-E6466EAE01C8} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-12] (Advanced Micro Devices, Inc.) [File not signed]
Task: {4C2E0DD0-DADA-45C6-B5DA-7DFF60120505} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2729320 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5344B390-8DA8-41BD-A8A0-7B0B0E791834} - System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => C:\Users\Petr\AppData\Roaming\efwchvd [868864 2019-10-11] (Josh Close) [File not signed]
Task: {53AB23AC-8EEC-4957-B2C6-6922771EE91E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {5F8532E9-B6DB-4976-9F61-AB72C34BFB8E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [1177088 2020-03-24] (Adobe Systems, Inc.) [File not signed]
Task: {6D49B5FD-D5BE-4F3A-93B4-1E8817D4E3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {7D36C007-FD0B-49FB-B8C6-81096FE42E9B} - System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => C:\Users\Petr\AppData\Roaming\adwchvd [199168 2019-10-11] () [File not signed]
Task: {8175F048-B512-4171-B833-01861426B0B0} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {845A50C8-E190-4BC4-B5B4-F3A76E8E71CA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {91F34A0A-249B-4C20-BCCB-ABEC18A46B47} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {A2AA7524-DF4A-4357-BE67-57B1A0BDE138} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {B1B3B30D-8C23-418A-A810-20CCB68319C3} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-12] (Advanced Micro Devices, Inc.) [File not signed]
Task: {B695A409-BD6D-40A9-8076-508876FF7D25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B9106207-91A2-4DBA-8371-92AA36B4642F} - System32\Tasks\280241a538c4771c0c8776554f606e0e => pcalua.exe -a "C:\crtsession\savesinto.exe"
Task: {B9D31198-191E-4DE0-B685-7AF8AB97AD88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [1177088 2020-03-24] (Adobe Systems, Inc.) [File not signed]
Task: {C7A5E144-6B33-4359-9749-05586ED3E7B0} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
Task: {CBBD7F97-B775-4CE2-A51E-A648A6175335} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {F4857843-CF0C-4823-8375-4FA58F81EB4B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {F536AB63-7C72-46E8-813F-796450474217} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Petr\OneDrive\Plocha\AdwCleaner.exe [8199856 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
Task: {F6CE90AF-CC8B-4A19-A317-AF7789E78BBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{9fddadb7-d77f-4285-9596-3a6f1ddef74d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)

Edge:
======
DownloadDir: D:\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxps://www.tipsport.cz; hxxps://www.facebook.com
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09]

FireFox:
========
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-22] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-22] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-03-25]
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-24]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-24]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-24]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-03-11]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe [508000 2019-09-18] (Advanced Micro Devices, Inc. -> AMD)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11307792 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11307792 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2649040 2019-07-31] (Comodo Security Solutions -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4202680 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2141544 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FlexGridService; C:\ProgramData\FlexGridService\FlexGridService.exe [1177088 2020-03-24] (Adobe Systems, Inc.) [File not signed] <==== ATTENTION
R2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [1177088 2020-03-24] (Adobe Systems, Inc.) [File not signed]
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [1177088 2020-03-24] (Adobe Systems, Inc.) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2498920 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
S2 remotesys; C:\Windows\remotesys.exe [1162240 2020-03-25] () [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-25] (Rockstar Games, Inc. -> Rockstar Games)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmdag.sys [55249504 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmpag.sys [595040 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\Windows\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [39600 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [842160 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47824 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-18] (Hewlett-Packard Company -> Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [131520 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8206848 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-25 14:12 - 2020-03-25 14:13 - 000000000 ____D C:\FRST
2020-03-25 14:11 - 2020-03-25 14:11 - 000000000 ____D C:\Users\Petr\AppData\Roaming\fkjz0clqzd0
2020-03-25 14:03 - 2020-03-25 14:03 - 000003304 _____ C:\Windows\system32\Tasks\280241a538c4771c0c8776554f606e0e
2020-03-25 14:03 - 2020-03-25 14:03 - 000000028 _____ C:\Windows\tmp_lkdj23df2
2020-03-25 14:01 - 2020-03-25 14:01 - 000012023 _____ C:\Windows\SysWOW64\list.dll
2020-03-25 14:01 - 2020-03-25 14:01 - 000000000 ____D C:\Users\Petr\AppData\Roaming\0sgrpnh1jka
2020-03-25 14:01 - 2020-03-25 14:01 - 000000000 ____D C:\crtsession
2020-03-25 14:00 - 2020-03-25 14:00 - 000003172 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot
2020-03-25 13:58 - 2020-03-25 14:00 - 000000000 ____D C:\AdwCleaner
2020-03-25 13:56 - 2020-03-25 13:56 - 000000000 ____D C:\Users\Petr\AppData\Roaming\guhnjsasnop
2020-03-25 13:46 - 2020-03-25 13:46 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zhkzsmjhuhk
2020-03-25 13:36 - 2020-03-25 13:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zzzitmxt0tz
2020-03-25 13:26 - 2020-03-25 13:26 - 000000000 ____D C:\Users\Petr\AppData\Roaming\bgzm4iwskkw
2020-03-25 13:16 - 2020-03-25 13:16 - 000000000 ____D C:\Users\Petr\AppData\Roaming\slazzf0hwyy
2020-03-25 13:06 - 2020-03-25 13:06 - 000000000 ____D C:\Users\Petr\AppData\Roaming\roebq2yo44e
2020-03-25 12:56 - 2020-03-25 12:56 - 000000000 ____D C:\Users\Petr\AppData\Roaming\kp2sppnsn4e
2020-03-25 12:46 - 2020-03-25 12:46 - 000000000 ____D C:\Users\Petr\AppData\Roaming\svgtrae1lyo
2020-03-25 12:36 - 2020-03-25 12:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\1xvxk5oaxjc
2020-03-25 12:26 - 2020-03-25 12:26 - 000000000 ____D C:\Users\Petr\AppData\Roaming\u5kjpwx4uem
2020-03-25 12:16 - 2020-03-25 12:16 - 000000000 ____D C:\Users\Petr\AppData\Roaming\hua3g5jspqp
2020-03-25 12:06 - 2020-03-25 12:06 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zrh5rve4epc
2020-03-25 08:05 - 2020-03-25 08:05 - 001162240 _____ C:\Windows\remotesys.exe
2020-03-25 06:41 - 2020-03-25 06:41 - 005190656 _____ C:\Users\Petr\OneDrive\Dokumenty\22Red Dead Redemption 2 CODEXtorrent.exe
2020-03-25 06:39 - 2020-03-25 14:15 - 000000004 _____ C:\ProgramData\rc.dat
2020-03-25 06:32 - 2020-03-25 14:10 - 000003728 _____ C:\Windows\system32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40}
2020-03-25 06:27 - 2020-03-25 14:04 - 000000028 _____ C:\ProgramData\irw.atsd
2020-03-25 06:27 - 2020-03-25 14:02 - 000000004 _____ C:\ProgramData\lock.dat
2020-03-25 06:27 - 2020-03-25 06:27 - 000000008 _____ C:\ProgramData\ts.dat
2020-03-25 06:23 - 2020-03-25 06:23 - 000000000 ____D C:\ProgramData\FlexGridService
2020-03-24 16:03 - 2020-03-24 16:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\wazc02ljnje
2020-03-24 16:03 - 2020-03-24 16:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\SearchNewTab
2020-03-24 15:54 - 2020-03-25 14:01 - 000003728 _____ C:\Windows\system32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0}
2020-03-24 15:54 - 2020-03-24 15:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\booking-nativefier-9f4f54
2020-03-24 15:54 - 2020-03-24 15:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Booking
2020-03-24 15:53 - 2020-03-25 08:05 - 000000000 ____D C:\Program Files (x86)\Toptes
2020-03-24 15:53 - 2020-03-24 15:53 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zex0ayqozlp
2020-03-24 15:53 - 2020-03-24 15:53 - 000000000 ____D C:\Program Files (x86)\wotsuper
2020-03-24 15:43 - 2020-03-25 06:41 - 000000000 ____D C:\Users\Petr\AppData\Local\MediaHuman
2020-03-24 15:43 - 2020-03-24 15:53 - 004127744 _____ C:\Users\Petr\OneDrive\Dokumenty\RDR 2 CODEX.torrent.exe
2020-03-24 15:43 - 2020-03-24 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2020-03-24 15:43 - 2020-03-24 15:43 - 000000000 ____D C:\Program Files (x86)\MediaHuman
2020-03-24 15:43 - 2020-03-24 15:43 - 000000000 ____D C:\Program Files (x86)\Genie-Soft
2020-03-22 22:47 - 2020-03-22 22:47 - 000003548 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-03-22 22:47 - 2020-03-22 22:47 - 000003424 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-03-22 22:47 - 2020-03-22 22:47 - 000003268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2020-03-22 22:47 - 2020-03-22 22:47 - 000003256 _____ C:\ProgramData\Plocha\Booking.lnk
2020-03-22 22:47 - 2020-03-22 22:47 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2020-03-22 22:47 - 2020-03-22 22:47 - 000000000 ____D C:\Program Files (x86)\Booking
2020-03-22 22:43 - 2020-03-22 22:43 - 001185968 _____ (Igor Pavlov) C:\Users\Petr\Downloads\SevenZip-setup.exe
2020-03-22 22:43 - 2020-03-22 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-03-22 22:43 - 2020-03-22 22:43 - 000000000 ____D C:\Program Files (x86)\7-Zip
2020-03-19 13:29 - 2020-03-19 13:29 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA Corporation
2020-03-19 13:11 - 2020-03-19 13:11 - 000001160 _____ C:\ProgramData\Plocha\Kingdom Come - Deliverance.lnk
2020-03-19 13:11 - 2020-03-19 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Come - Deliverance [GOG.com]
2020-03-19 13:10 - 2020-03-19 13:10 - 000000000 ____D C:\ProgramData\GOG.com
2020-03-13 17:13 - 2020-03-13 17:13 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 006520776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 004563416 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 001398584 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-13 17:13 - 2020-03-13 17:13 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 025900544 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 022635008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 007259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 006285312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 005112832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004348408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004129648 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003971808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003243296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002875904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-03-11 17:11 - 2020-03-11 17:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-03-11 17:11 - 2020-03-11 17:11 - 002740736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002584008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002315680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002259872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002021888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001985104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001688064 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001684992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001412096 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001283600 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-03-11 17:11 - 2020-03-11 17:11 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001273856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001264128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001260544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001218632 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001190912 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001054376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001031680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001007672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001000960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000935040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000892696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000776488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000769552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000748032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000668296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000627216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000599552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000478792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2020-03-11 17:11 - 2020-03-11 17:11 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000213984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000181248 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000136328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000133944 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GraphicsCapture.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000102760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000089568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000068408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000042336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msauserext.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-03-11 17:10 - 2020-03-11 17:10 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 006436352 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004622280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 004471296 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004140544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004048896 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003728896 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003587896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 003552768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003371720 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003260928 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003143168 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002773568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 002522112 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002474496 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002157056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002087376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001972536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001823232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001762304 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001757304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-11 17:10 - 2020-03-11 17:10 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001609216 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001513040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001482040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 001481216 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001428992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 001396152 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001394168 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-11 17:10 - 2020-03-11 17:10 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001260480 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001071184 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001027000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000983896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000974848 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000945384 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000929144 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000921088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000914944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000908504 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000838144 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000833616 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000796904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000741392 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000678912 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000642216 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000605896 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2020-03-11 17:10 - 2020-03-11 17:10 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000531768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000522384 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000429880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000355000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000353960 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Acx01000.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000320312 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountCloudAP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000263168 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000260920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000250896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000234984 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000224056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000222520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000208696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000201744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000199992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000183608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000180232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000164776 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000151568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\GraphicsCapture.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000141840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000133256 _____ (Microsoft Corporation) C:\Windows\system32\profapi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000120048 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Taskbar.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000107832 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000098104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000089616 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000067112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000066336 _____ (Microsoft Corporation) C:\Windows\system32\wlrmdr.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000063288 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000056632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\MSAProfileNotificationHandler.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000048256 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthMini.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000030008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000029712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tbs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000028936 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\wci.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\msauserext.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000019984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\mpnotify.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000016912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\LaunchTM.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000003584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCertResources.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUserRes.dll
2020-03-11 17:04 - 2020-02-11 05:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-03-11 17:04 - 2020-02-11 05:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Macromedia

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-25 14:10 - 2019-10-15 17:02 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2020-03-25 14:10 - 2019-10-15 16:00 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2020-03-25 14:06 - 2019-10-11 20:22 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-25 14:06 - 2019-03-19 12:55 - 000716944 _____ C:\Windows\system32\perfh005.dat
2020-03-25 14:06 - 2019-03-19 12:55 - 000145024 _____ C:\Windows\system32\perfc005.dat
2020-03-25 14:06 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-03-25 14:01 - 2019-10-15 17:15 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-25 14:01 - 2019-10-11 20:29 - 000003090 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-03-25 14:01 - 2019-10-11 20:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-25 14:01 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-25 14:00 - 2020-02-06 06:42 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-03-25 14:00 - 2019-10-11 20:29 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-03-25 14:00 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-03-25 13:39 - 2019-10-15 10:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2020-03-25 13:37 - 2019-10-15 09:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-03-25 13:35 - 2019-10-11 20:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-25 11:44 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-03-25 07:11 - 2019-10-15 09:32 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-25 06:58 - 2019-10-15 12:25 - 000000000 ____D C:\Program Files\Rockstar Games
2020-03-25 06:58 - 2019-10-15 12:01 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-03-25 06:58 - 2019-10-11 20:30 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2020-03-25 06:39 - 2019-10-15 10:10 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2020-03-24 11:33 - 2019-10-15 11:04 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2020-03-24 11:33 - 2019-10-11 20:31 - 000000000 ____D C:\ProgramData\Packages
2020-03-24 11:33 - 2019-10-11 20:23 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2020-03-24 11:33 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-22 20:16 - 2019-10-11 20:28 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-22 14:01 - 2020-02-06 06:42 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-03-22 14:01 - 2020-02-06 06:42 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 14:01 - 2019-10-11 20:25 - 000000000 ___RD C:\Users\Petr\OneDrive
2020-03-21 20:38 - 2019-10-11 20:28 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-03-20 22:32 - 2019-11-24 03:08 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 22:32 - 2019-11-24 03:08 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-17 17:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-03-17 17:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-03-17 12:37 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-03-12 00:30 - 2019-10-11 20:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 00:30 - 2019-10-11 20:23 - 000000000 ___RD C:\Users\Petr\3D Objects
2020-03-12 00:30 - 2019-10-11 20:17 - 000258256 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-12 00:28 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\servicing
2020-03-11 17:16 - 2019-10-11 20:35 - 000000000 ____D C:\Windows\system32\MRT
2020-03-11 17:14 - 2019-10-11 20:35 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2020-03-25 06:27 - 2020-03-25 14:02 - 000000004 _____ () C:\ProgramData\lock.dat
2020-03-25 06:39 - 2020-03-25 14:15 - 000000004 _____ () C:\ProgramData\rc.dat
2020-03-25 06:27 - 2020-03-25 06:27 - 000000008 _____ () C:\ProgramData\ts.dat
2019-10-11 20:42 - 2019-10-11 20:42 - 000199168 ___SH () C:\Users\Petr\AppData\Roaming\adwchvd
2019-10-11 20:42 - 2019-10-11 20:42 - 000263244 ___SH () C:\Users\Petr\AppData\Roaming\brhesbb
2019-10-11 20:42 - 2019-10-11 20:42 - 000868864 ___SH (Josh Close) C:\Users\Petr\AppData\Roaming\efwchvd
2019-10-11 20:42 - 2019-10-11 20:42 - 000263244 ___SH () C:\Users\Petr\AppData\Roaming\twhbagu
2019-10-11 20:56 - 2019-10-11 20:56 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: prosím o pomoc -havěť v počítači

Napsal: 25 bře 2020 14:51
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: prosím o pomoc -havěť v počítači

Napsal: 25 bře 2020 16:48
od tepan
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 25.03.20
Čas skenování: 14:59
Logovací soubor: da55ea94-6ea0-11ea-b4ca-40b0765e7062.json

-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.859
Aktualizovat verzi balíku komponent: 1.0.21346
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 18362.720)
CPU: x64
Systém souborů: NTFS
Uživatel: TEPAN\Petr

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 276894
Zjištěné hrozby: 193
Hrozby umístěné do karantény: 193
Uplynulý čas: 2 min, 8 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 27
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\TOPTES\756411398.EXE, V karanténě, 3716, 730662, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\ZEX0AYQOZLP\UGOJACUGEIJ.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\0SGRPNH1JKA\2POBLPNADE1.EXE, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\0SGRPNH1JKA\2POBLPNADE1.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC, C:\USERS\PETR\APPDATA\ROAMING\WAZC02LJNJE\XNOCNWJRDTV.EXE, V karanténě, 2861, 641820, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ZRH5RVE4EPC\P2JJIKLWDRB.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\HUA3G5JSPQP\FBDTTXO2ONY.EXE, V karanténě, 3716, 447063, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\U5KJPWX4UEM\LIJ21D3BAIW.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\1XVXK5OAXJC\IJFRLS1205P.EXE, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\SVGTRAE1LYO\ENYXWRBPJQE.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\KP2SPPNSN4E\OKCES2XGMWO.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ROEBQ2YO44E\1UJSU5SDKEE.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\SLAZZF0HWYY\5UQ5C153EKS.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\FKJZ0CLQZD0\K4EWVIO1IXN.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\BGZM4IWSKKW\DUIPAERZDK4.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\ZZZITMXT0TZ\IND1S4ALFBL.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ZHKZSMJHUHK\Y2NJD0VWY5I.EXE, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\GUHNJSASNOP\DF1GVHFWCMB.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\W3BH2PF2BRF\U5112OEO0MN.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\MBSDKI1ZBTD\FRVMDJTM55U.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\YOJQWJPNY4C\QCPN4X3VWHS.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\2UGDNPZDXDT\BR45ZDRHCQC.EXE, V karanténě, 3716, 521959, , , ,
Adware.DownloadAssistant, C:\PROGRAMDATA\FLEXGRIDSERVICE\FLEXGRIDSERVICE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Trojan.MalPack, C:\CRTSESSION\SAVESINTO.EXE, V karanténě, 549, 792864, , , ,

Modul: 27
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\TOPTES\756411398.EXE, V karanténě, 3716, 730662, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\ZEX0AYQOZLP\UGOJACUGEIJ.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\0SGRPNH1JKA\2POBLPNADE1.EXE, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\0SGRPNH1JKA\2POBLPNADE1.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC, C:\USERS\PETR\APPDATA\ROAMING\WAZC02LJNJE\XNOCNWJRDTV.EXE, V karanténě, 2861, 641820, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ZRH5RVE4EPC\P2JJIKLWDRB.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\HUA3G5JSPQP\FBDTTXO2ONY.EXE, V karanténě, 3716, 447063, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\U5KJPWX4UEM\LIJ21D3BAIW.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\1XVXK5OAXJC\IJFRLS1205P.EXE, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\SVGTRAE1LYO\ENYXWRBPJQE.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\KP2SPPNSN4E\OKCES2XGMWO.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ROEBQ2YO44E\1UJSU5SDKEE.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\SLAZZF0HWYY\5UQ5C153EKS.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\FKJZ0CLQZD0\K4EWVIO1IXN.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\BGZM4IWSKKW\DUIPAERZDK4.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\ZZZITMXT0TZ\IND1S4ALFBL.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ZHKZSMJHUHK\Y2NJD0VWY5I.EXE, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\GUHNJSASNOP\DF1GVHFWCMB.EXE, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\W3BH2PF2BRF\U5112OEO0MN.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\MBSDKI1ZBTD\FRVMDJTM55U.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\YOJQWJPNY4C\QCPN4X3VWHS.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\2UGDNPZDXDT\BR45ZDRHCQC.EXE, V karanténě, 3716, 521959, , , ,
Adware.DownloadAssistant, C:\PROGRAMDATA\FLEXGRIDSERVICE\FLEXGRIDSERVICE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Trojan.MalPack, C:\CRTSESSION\SAVESINTO.EXE, V karanténě, 549, 792864, , , ,

Klíč registru: 20
Trojan.WotSuper, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\wotsuper 2.1, V karanténě, 3491, 782990, , , ,
Trojan.CrthRazy, HKLM\SOFTWARE\WOW6432NODE\Machiner, V karanténě, 3170, 676882, 1.0.21346, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, V karanténě, 520, 584322, 1.0.21346, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, V karanténě, 520, 518478, 1.0.21346, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, V karanténě, 520, 518476, 1.0.21346, , ame,
Adware.DownloadAssistant, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FlexGridService, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gupdate, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gupdatem, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GoogleUpdateTaskMachineCore, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5F8532E9-B6DB-4976-9F61-AB72C34BFB8E}, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{5F8532E9-B6DB-4976-9F61-AB72C34BFB8E}, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GoogleUpdateTaskMachineUA, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B9D31198-191E-4DE0-B685-7AF8AB97AD88}, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{B9D31198-191E-4DE0-B685-7AF8AB97AD88}, V karanténě, 7519, 791161, , , ,
Trojan.MalPack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\280241a538c4771c0c8776554f606e0e, V karanténě, 549, 792864, , , ,
Trojan.MalPack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B9106207-91A2-4DBA-8371-92AA36B4642F}, V karanténě, 549, 792864, , , ,
Trojan.MalPack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\BOOT\{B9106207-91A2-4DBA-8371-92AA36B4642F}, V karanténě, 549, 792864, , , ,
Spyware.PasswordStealer, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\remotesys, V karanténě, 547, 798508, , , ,

Hodnota v registru: 21
Adware.Tuto4PC.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|XRWYPNQJIRP, V karanténě, 3716, 730662, 1.0.21346, , ame,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|8379390, V karanténě, 3716, 521959, 1.0.21346, , ame,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|3727460, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|74006, V karanténě, 2861, 641820, 1.0.21346, , ame,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|6464745, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|755346, V karanténě, 3716, 447063, 1.0.21346, , ame,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|7776513, V karanténě, 3716, 521959, 1.0.21346, , ame,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|5834772, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|7972482, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|9752404, V karanténě, 3716, 521959, 1.0.21346, , ame,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|7042694, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2747811, V karanténě, 3716, 521959, 1.0.21346, , ame,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|3646570, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|7074566, V karanténě, 3716, 521959, 1.0.21346, , ame,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|7357905, V karanténě, 3716, 521959, 1.0.21346, , ame,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|8586506, V karanténě, 0, 392686, , , ,
Generic.Malware/Suspicious, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|9529549, V karanténě, 0, 392686, , , ,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|5305110, V karanténě, 3716, 521959, 1.0.21346, , ame,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2552725, V karanténě, 3716, 521959, 1.0.21346, , ame,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|4893925, V karanténě, 3716, 521959, 1.0.21346, , ame,
Adware.Tuto4PC.Generic, HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|6864220, V karanténě, 3716, 521959, 1.0.21346, , ame,

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 5
PUP.Optional.SearchNewTab, C:\USERS\PETR\APPDATA\ROAMING\SEARCHNEWTAB, V karanténě, 144, 173193, 1.0.21346, , ame,
Trojan.WotSuper, C:\Program Files (x86)\wotsuper\wotsuper, V karanténě, 3491, 782990, , , ,
Trojan.WotSuper, C:\PROGRAM FILES (X86)\WOTSUPER, V karanténě, 3491, 782990, 1.0.21346, , ame,
Trojan.WotSuper, C:\USERS\PETR\APPDATA\LOCAL\TEMP\5o4uul5bjbc, V karanténě, 3491, 782991, 1.0.21346, , ame,
Trojan.WotSuper, C:\USERS\PETR\APPDATA\LOCAL\TEMP\emnyaq1tolc, V karanténě, 3491, 782991, 1.0.21346, , ame,

Soubor: 93
PUP.Optional.SearchNewTab, C:\Users\Petr\AppData\Roaming\SearchNewTab\gffphgpcblfoaknmcaldoggadmomcgmm.crx, V karanténě, 144, 173193, , , ,
PUP.Optional.SearchNewTab, C:\Users\Petr\AppData\Roaming\SearchNewTab\load.bin, V karanténě, 144, 173193, , , ,
Adware.Tuto4PC.Generic, C:\PROGRAM FILES (X86)\TOPTES\756411398.EXE, V karanténě, 3716, 730662, , , ,
RiskWare.Agent.LNKTrace, C:\USERS\PETR\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SYSTEM.LNK, V karanténě, 5687, 464902, 1.0.21346, , ame,
Trojan.WotSuper, C:\WINDOWS\WOTSUPER.REG, V karanténě, 3491, 782992, 1.0.21346, , ame,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\ZEX0AYQOZLP\UGOJACUGEIJ.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\0SGRPNH1JKA\2POBLPNADE1.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Adware.Tuto4PC, C:\USERS\PETR\APPDATA\ROAMING\WAZC02LJNJE\XNOCNWJRDTV.EXE, V karanténě, 2861, 641820, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ZRH5RVE4EPC\P2JJIKLWDRB.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\HUA3G5JSPQP\FBDTTXO2ONY.EXE, V karanténě, 3716, 447063, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\U5KJPWX4UEM\LIJ21D3BAIW.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\1XVXK5OAXJC\IJFRLS1205P.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\SVGTRAE1LYO\ENYXWRBPJQE.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\KP2SPPNSN4E\OKCES2XGMWO.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ROEBQ2YO44E\1UJSU5SDKEE.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\SLAZZF0HWYY\5UQ5C153EKS.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\FKJZ0CLQZD0\K4EWVIO1IXN.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\BGZM4IWSKKW\DUIPAERZDK4.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\ZZZITMXT0TZ\IND1S4ALFBL.EXE, V karanténě, 3716, 521959, , , ,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\ZHKZSMJHUHK\Y2NJD0VWY5I.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\ROAMING\GUHNJSASNOP\DF1GVHFWCMB.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\W3BH2PF2BRF\U5112OEO0MN.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\MBSDKI1ZBTD\FRVMDJTM55U.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\YOJQWJPNY4C\QCPN4X3VWHS.EXE, V karanténě, 3716, 521959, , , ,
Adware.Tuto4PC.Generic, C:\USERS\PETR\APPDATA\ROAMING\2UGDNPZDXDT\BR45ZDRHCQC.EXE, V karanténě, 3716, 521959, , , ,
Trojan.WotSuper, C:\Program Files (x86)\wotsuper\wotsuper\Uninstall.exe, V karanténě, 3491, 782990, , , ,
Trojan.WotSuper, C:\Program Files (x86)\wotsuper\wotsuper\Uninstall.ini, V karanténě, 3491, 782990, , , ,
Trojan.WotSuper, C:\USERS\PETR\APPDATA\LOCAL\TEMP\5o4uul5bjbc\wotsuper3.exe, V karanténě, 3491, 782991, 1.0.21346, , ame,
Trojan.WotSuper, C:\USERS\PETR\APPDATA\LOCAL\TEMP\emnyaq1tolc\wotsuper3.exe, V karanténě, 3491, 782991, 1.0.21346, , ame,
Adware.DownloadAssistant, C:\PROGRAMDATA\FLEXGRIDSERVICE\FLEXGRIDSERVICE.EXE, V karanténě, 7519, 791161, 1.0.21346, 5AF657825B745D03EF2FA88F, dds, 00647303
Adware.DownloadAssistant, C:\WINDOWS\SYSTEM32\TASKS\GoogleUpdateTaskMachineCore, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\WINDOWS\SYSTEM32\TASKS\GoogleUpdateTaskMachineUA, V karanténě, 7519, 791161, , , ,
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\GOOGLE\UPDATE\GOOGLEUPDATE.EXE, V karanténě, 7519, 791161, 1.0.21346, 5AF657825B745D03EF2FA88F, dds, 00647303
Trojan.MalPack, C:\WINDOWS\SYSTEM32\TASKS\280241a538c4771c0c8776554f606e0e, V karanténě, 549, 792864, , , ,
Trojan.MalPack, C:\CRTSESSION\SAVESINTO.EXE, V karanténě, 549, 792864, 1.0.21346, 811D05AE8CDC84966C813484, dds, 00647303
Spyware.PasswordStealer, C:\WINDOWS\REMOTESYS.EXE, V karanténě, 547, 798508, 1.0.21346, , ame,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\3CM5IEGKYRU\3I2YSSM2LKP.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\EOD3TABY1UB\BFHKT2ACWWQ.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\400NNRS4FDY\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\2OJGBZZ2UGC\YEONGLJSFXD.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\3JDE4LXAEBC\LC13RRHNJ13.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\4ZLZKSPNEGG\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\5XG5324OJLS\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\ARYUP3KZ23C\3NH4TEQ4IH3.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\3GQA4VYJRQJ\XWBWQTSJER1.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\BXB41FDEYSC\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\4OIZ5PY21OV\JHWQ4P2AJ0V.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\EIPRNDLAFSH\FE5JZSZ1TAD.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\FW2VJEWTBWB\NFXXXGVCDJJ.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\BUOLNGX5ZUD\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\EFITAB5ETCF\LO1422Z2VHL.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\IDZZXQ1CODM\MWWIXORLC1M.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Spyware.PasswordStealer, C:\USERS\PETR\APPDATA\LOCAL\TEMP\1RCT4NKUTTS\REMOTESYS.EXE, V karanténě, 547, 798508, 1.0.21346, , ame,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\55CIVUB5YFE\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\DB0TWKGB14Y\L4N4NH3ZZ13.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\OQXTUCBUXXZ\5EY2WTOVA1T.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Adware.DLAssistant.Generic, C:\USERS\PETR\APPDATA\LOCAL\TEMP\IS-3V5QE.TMP\ESSE.EXE, V karanténě, 10002, 701093, 1.0.21346, CC1D76BBEFB5EFA4E4671655, dds, 00647303
Spyware.Socelars, C:\USERS\PETR\APPDATA\LOCAL\TEMP\0YAIMZDSY1G\VIDEOSOURCE.EXE, V karanténě, 758, 798603, 1.0.21346, , ame,
Adware.DownloadAssistant, C:\USERS\PETR\APPDATA\LOCAL\TEMP\IS-GN70V.TMP\QUIA.EXE, V karanténě, 7519, 779638, 1.0.21346, 000000000000000000000003, dds, 00647303
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\U1WXHFIXNJJ\33R42YJTNOS.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\W0H1RDTI1NR\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\CYC1GGMMRHE\J3WKYZAXF2K.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Spyware.Socelars, C:\USERS\PETR\APPDATA\LOCAL\TEMP\QOLUN3UP4MH\VIDEOSOURCE.EXE, V karanténě, 758, 798603, 1.0.21346, , ame,
Trojan.AdLoad, C:\USERS\PETR\APPDATA\LOCAL\TEMP\SUTWLRCLTHQ\XO5LEC0NHVI.EXE, V karanténě, 659, 803675, 1.0.21346, , ame,
Adware.DownloadAssistant, C:\USERS\PETR\APPDATA\LOCAL\TEMP\VB02YKADD\0A23BMFGRM7.EXE, V karanténě, 7519, 780196, 1.0.21346, , ame,
Adware.Csdimonetize, C:\USERS\PETR\APPDATA\LOCAL\TEMP\IS-V9MS6.TMP\CASADEL.EXE, V karanténě, 2946, 803575, 1.0.21346, 56B52D84717E9D9837697FD1, dds, 00647303
Spyware.Socelars, C:\USERS\PETR\APPDATA\LOCAL\TEMP\5YY5EZA2ZRL\VIDEOSOURCE.EXE, V karanténě, 758, 798603, 1.0.21346, , ame,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\EJ1HGYPMDSC\VWWHSOS4XEL.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\NBLKP1DIELX\AMVCU0QB2FX.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\IVFX3B3SU0Z\KXQRBAZKBMC.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\R1UWOHJCYNU\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\KRE5XSQ3ENC\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\WESU0MOQV0E\SK2VQ4CFWX5.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\LV3HY2V14ES\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\QX4UQ10SNZ1\WX22MJ52OBJ.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Trojan.AdLoad, C:\USERS\PETR\APPDATA\LOCAL\TEMP\L4Q4SYHWTXS\LGGKZD1OP2J.EXE, V karanténě, 659, 803675, 1.0.21346, , ame,
Trojan.Dropper, C:\USERS\PETR\APPDATA\LOCAL\TEMP\C64D.TMP.EXE, V karanténě, 832, 678097, 1.0.21346, 000000000000000000000001, dds, 00647303
Adware.DownloadAssistant, C:\USERS\PETR\APPDATA\LOCAL\TEMP\IS-RHMJE.TMP\NUMQUAM.EXE, V karanténě, 7519, 779638, 1.0.21346, 000000000000000000000003, dds, 00647303
Spyware.PasswordStealer, C:\USERS\PETR\APPDATA\LOCAL\TEMP\V2XAWO2H22D\REMOTESYS.EXE, V karanténě, 547, 798508, 1.0.21346, , ame,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\TFLPII4MXSN\H52N0ELX3SN.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\VD0FMPNYM1S\WYXYSLMMZT2.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\KIM0FG2BSY2\B00FSEZOFKV.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\L5TYUPVFN4G\IKV213ES2IL.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\JYI3QEBJKI2\3BEQ1STRRGE.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\XALYTX0FAZM\VEORM0GECAF.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Trojan.Crypt, C:\USERS\PETR\APPDATA\LOCAL\TEMP\CBAD.TMP.EXE, V karanténě, 4118, 803498, 1.0.21346, CABA751CA3AD299E7C1E40B6, dds, 00647303
Spyware.PasswordStealer, C:\USERS\PETR\APPDATA\LOCAL\TEMP\NJBPIE0FJJV\REMOTESYS.EXE, V karanténě, 547, 798508, 1.0.21346, , ame,
Spyware.Socelars, C:\USERS\PETR\APPDATA\LOCAL\TEMP\SNPPH4F3AXI\VIDEOSOURCE.EXE, V karanténě, 758, 798603, 1.0.21346, , ame,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\OENYFHGK45A\PDF112.EXE, V karanténě, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\TIE4SQCFYDB\NLLC2P01Z4W.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PETR\APPDATA\LOCAL\TEMP\VPQ3AY4SOLM\NE5E1FQIUWB.EXE, Smazání při restartu, 0, 392686, 1.0.21346, , shuriken,
Trojan.MalPack.GS, C:\USERS\PETR\APPDATA\LOCAL\TEMP\XY5BDF3NKF4\DSZ01OEO25I.EXE, V karanténě, 8197, 803497, 1.0.21346, , ame,
Trojan.Crypt, C:\USERS\PETR\APPDATA\LOCAL\TEMP\6C63.TMP.EXE, V karanténě, 4118, 803498, 1.0.21346, CABA751CA3AD299E7C1E40B6, dds, 00647303

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Re: prosím o pomoc -havěť v počítači

Napsal: 25 bře 2020 17:16
od Rudy
Chtěl jsem log z ADWCleaneru: https://www.bleepingcomputer.com/download/adwcleaner/. Ne z MBAM. To jsou rozdílné nástroje. No nevadí. Dejte nové logy FRST+Addition.

Re: prosím o pomoc -havěť v počítači

Napsal: 27 bře 2020 13:10
od tepan
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-03-2020
Ran by Petr (administrator) on TEPAN (27-03-2020 13:07:35)
Running from C:\Users\Petr\OneDrive\Plocha
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.81.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8516280 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3365840 2020-02-11] (Valve -> Valve Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [BingSvc] => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1579368 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {34a2c2d5-ec5c-11e9-9cc8-40b0765e7062} - "D:\Launch.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9ab-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9de-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A48237D-5E77-4636-AD1B-5AC395A5068F} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [890248 2019-03-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1DDF55E8-F84E-4572-8628-BCFA063554C1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {21763369-161B-49CD-81F8-B2E43D79D759} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
Task: {4C2E0DD0-DADA-45C6-B5DA-7DFF60120505} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2729320 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5344B390-8DA8-41BD-A8A0-7B0B0E791834} - System32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40} => C:\Users\Petr\AppData\Roaming\efwchvd.exe <==== ATTENTION
Task: {53AB23AC-8EEC-4957-B2C6-6922771EE91E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {6D49B5FD-D5BE-4F3A-93B4-1E8817D4E3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {7D36C007-FD0B-49FB-B8C6-81096FE42E9B} - System32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0} => C:\Users\Petr\AppData\Roaming\adwchvd.exe <==== ATTENTION
Task: {8175F048-B512-4171-B833-01861426B0B0} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {845A50C8-E190-4BC4-B5B4-F3A76E8E71CA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {91F34A0A-249B-4C20-BCCB-ABEC18A46B47} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {A2AA7524-DF4A-4357-BE67-57B1A0BDE138} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {B1B3B30D-8C23-418A-A810-20CCB68319C3} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-12] (Advanced Micro Devices, Inc.) [File not signed]
Task: {B695A409-BD6D-40A9-8076-508876FF7D25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C7A5E144-6B33-4359-9749-05586ED3E7B0} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
Task: {CBBD7F97-B775-4CE2-A51E-A648A6175335} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {F4857843-CF0C-4823-8375-4FA58F81EB4B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)
Task: {F536AB63-7C72-46E8-813F-796450474217} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Petr\OneDrive\Plocha\AdwCleaner.exe [8199856 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
Task: {F5BA556F-6CF3-4B42-A6E5-14D3C6ABAF59} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-12] (Advanced Micro Devices, Inc.) [File not signed]
Task: {F6CE90AF-CC8B-4A19-A317-AF7789E78BBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{9fddadb7-d77f-4285-9596-3a6f1ddef74d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{a448b503-55ba-485e-a542-6bf1fd832d5e}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)

Edge:
======
DownloadDir: D:\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001 -> hxxps://www.tipsport.cz; hxxps://www.facebook.com
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09]

FireFox:
========
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-22] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-22] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-03-25]
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-24]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-24]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-24]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-03-11]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe [508000 2019-09-18] (Advanced Micro Devices, Inc. -> AMD)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-22] (bookingDesktopApp.) [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11307792 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11307792 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2649040 2019-07-31] (Comodo Security Solutions -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4202680 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2141544 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2498920 2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-25] (Rockstar Games, Inc. -> Rockstar Games)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmdag.sys [55249504 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmpag.sys [595040 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\Windows\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [39600 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [842160 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47824 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-18] (Hewlett-Packard Company -> Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [131520 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8206848 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-25 15:11 - 2020-03-25 15:11 - 000000000 ____D C:\Users\Petr\AppData\Roaming\xbkb1rjd2ih
2020-03-25 15:01 - 2020-03-25 15:01 - 000000000 ____D C:\Users\Petr\AppData\Roaming\qgsglg3uq2i
2020-03-25 14:59 - 2020-03-25 14:59 - 000000000 ____D C:\Users\Petr\AppData\Local\mbam
2020-03-25 14:59 - 2020-03-25 14:59 - 000000000 ____D C:\Users\Petr\AppData\Local\cache
2020-03-25 14:58 - 2020-03-25 14:58 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-25 14:58 - 2020-03-25 14:58 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-03-25 14:58 - 2020-03-25 14:58 - 000002021 _____ C:\ProgramData\Plocha\Malwarebytes.lnk
2020-03-25 14:58 - 2020-03-25 14:58 - 000000000 ____D C:\Users\Petr\AppData\Local\mbamtray
2020-03-25 14:58 - 2020-03-25 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-25 14:58 - 2020-03-25 14:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-25 14:58 - 2020-03-25 14:58 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-25 14:51 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\2ugdnpzdxdt
2020-03-25 14:41 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\yojqwjpny4c
2020-03-25 14:31 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\mbsdki1zbtd
2020-03-25 14:21 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\w3bh2pf2brf
2020-03-25 14:12 - 2020-03-27 13:07 - 000000000 ____D C:\FRST
2020-03-25 14:11 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\fkjz0clqzd0
2020-03-25 14:03 - 2020-03-25 14:03 - 000000028 _____ C:\Windows\tmp_lkdj23df2
2020-03-25 14:01 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\0sgrpnh1jka
2020-03-25 14:01 - 2020-03-25 16:47 - 000000000 ____D C:\crtsession
2020-03-25 14:01 - 2020-03-25 14:01 - 000012023 _____ C:\Windows\SysWOW64\list.dll
2020-03-25 14:00 - 2020-03-25 14:00 - 000003172 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot
2020-03-25 13:58 - 2020-03-25 14:00 - 000000000 ____D C:\AdwCleaner
2020-03-25 13:56 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\guhnjsasnop
2020-03-25 13:46 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zhkzsmjhuhk
2020-03-25 13:36 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zzzitmxt0tz
2020-03-25 13:26 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\bgzm4iwskkw
2020-03-25 13:16 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\slazzf0hwyy
2020-03-25 13:06 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\roebq2yo44e
2020-03-25 12:56 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\kp2sppnsn4e
2020-03-25 12:46 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\svgtrae1lyo
2020-03-25 12:36 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\1xvxk5oaxjc
2020-03-25 12:26 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\u5kjpwx4uem
2020-03-25 12:16 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\hua3g5jspqp
2020-03-25 12:06 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zrh5rve4epc
2020-03-25 06:39 - 2020-03-25 16:46 - 000000004 _____ C:\ProgramData\rc.dat
2020-03-25 06:32 - 2020-03-25 14:10 - 000003728 _____ C:\Windows\system32\Tasks\NvNgxUpdateCheckDaily_{DB187D40-7D40-7D40-7D40-DB187D407D40}
2020-03-25 06:27 - 2020-03-25 16:43 - 000000004 _____ C:\ProgramData\lock.dat
2020-03-25 06:27 - 2020-03-25 14:38 - 000000032 _____ C:\ProgramData\irw.atsd
2020-03-25 06:27 - 2020-03-25 06:27 - 000000008 _____ C:\ProgramData\ts.dat
2020-03-25 06:23 - 2020-03-25 16:47 - 000000000 ____D C:\ProgramData\FlexGridService
2020-03-24 16:03 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\wazc02ljnje
2020-03-24 15:54 - 2020-03-25 14:01 - 000003728 _____ C:\Windows\system32\Tasks\NvNgxUpdateCheckDaily_{A6B397E0-97E0-97E0-97E0-A6B397E097E0}
2020-03-24 15:54 - 2020-03-24 15:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\booking-nativefier-9f4f54
2020-03-24 15:54 - 2020-03-24 15:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Booking
2020-03-24 15:53 - 2020-03-25 16:47 - 000000000 ____D C:\Users\Petr\AppData\Roaming\zex0ayqozlp
2020-03-24 15:53 - 2020-03-25 08:05 - 000000000 ____D C:\Program Files (x86)\Toptes
2020-03-24 15:43 - 2020-03-25 06:41 - 000000000 ____D C:\Users\Petr\AppData\Local\MediaHuman
2020-03-24 15:43 - 2020-03-24 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2020-03-24 15:43 - 2020-03-24 15:43 - 000000000 ____D C:\Program Files (x86)\MediaHuman
2020-03-24 15:43 - 2020-03-24 15:43 - 000000000 ____D C:\Program Files (x86)\Genie-Soft
2020-03-22 22:47 - 2020-03-22 22:47 - 000003548 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-03-22 22:47 - 2020-03-22 22:47 - 000003424 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-03-22 22:47 - 2020-03-22 22:47 - 000003268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2020-03-22 22:47 - 2020-03-22 22:47 - 000003256 _____ C:\ProgramData\Plocha\Booking.lnk
2020-03-22 22:47 - 2020-03-22 22:47 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2020-03-22 22:47 - 2020-03-22 22:47 - 000000000 ____D C:\Program Files (x86)\Booking
2020-03-22 22:43 - 2020-03-22 22:43 - 001185968 _____ (Igor Pavlov) C:\Users\Petr\Downloads\SevenZip-setup.exe
2020-03-22 22:43 - 2020-03-22 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-03-22 22:43 - 2020-03-22 22:43 - 000000000 ____D C:\Program Files (x86)\7-Zip
2020-03-19 13:29 - 2020-03-19 13:29 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA Corporation
2020-03-19 13:11 - 2020-03-19 13:11 - 000001160 _____ C:\ProgramData\Plocha\Kingdom Come - Deliverance.lnk
2020-03-19 13:11 - 2020-03-19 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Come - Deliverance [GOG.com]
2020-03-19 13:10 - 2020-03-19 13:10 - 000000000 ____D C:\ProgramData\GOG.com
2020-03-13 17:13 - 2020-03-13 17:13 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 006520776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 004563416 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 001398584 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-03-13 17:13 - 2020-03-13 17:13 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-13 17:13 - 2020-03-13 17:13 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-03-13 17:13 - 2020-03-13 17:13 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 025900544 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 022635008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 007259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 006285312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 005112832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004348408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 004129648 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003971808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 003243296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002875904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-03-11 17:11 - 2020-03-11 17:11 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-03-11 17:11 - 2020-03-11 17:11 - 002740736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002584008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002315680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002259872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 002021888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001985104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001688064 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001684992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001412096 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001283600 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-03-11 17:11 - 2020-03-11 17:11 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001273856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001264128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001260544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001218632 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001190912 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001054376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001031680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001007672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 001000960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000935040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000892696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000776488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000769552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000748032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000668296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000627216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000599552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000478792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2020-03-11 17:11 - 2020-03-11 17:11 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000213984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000181248 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000136328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000133944 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GraphicsCapture.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000102760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000089568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000068408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000042336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-03-11 17:11 - 2020-03-11 17:11 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msauserext.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2020-03-11 17:11 - 2020-03-11 17:11 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-03-11 17:11 - 2020-03-11 17:11 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-03-11 17:10 - 2020-03-11 17:10 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 006436352 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004622280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 004471296 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004140544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 004048896 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003728896 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003587896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 003552768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003371720 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003260928 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 003143168 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002773568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 002522112 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002474496 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002157056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 002087376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001972536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001823232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001762304 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001757304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-11 17:10 - 2020-03-11 17:10 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001609216 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001513040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001482040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 001481216 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001428992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 001396152 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001394168 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-11 17:10 - 2020-03-11 17:10 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001260480 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001071184 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 001027000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000983896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000974848 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000945384 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000929144 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000921088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000914944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000908504 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000838144 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000833616 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000796904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000741392 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000678912 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000642216 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000605896 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2020-03-11 17:10 - 2020-03-11 17:10 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000531768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000522384 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000429880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000355000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000353960 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Acx01000.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000320312 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountCloudAP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000263168 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000260920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000250896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000234984 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000224056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000222520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000208696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000201744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000199992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000183608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000180232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000164776 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000151568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\GraphicsCapture.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000141840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000133256 _____ (Microsoft Corporation) C:\Windows\system32\profapi.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000120048 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Taskbar.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000107832 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000098104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000089616 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000067112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000066336 _____ (Microsoft Corporation) C:\Windows\system32\wlrmdr.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000063288 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000056632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\MSAProfileNotificationHandler.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000048256 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthMini.SYS
2020-03-11 17:10 - 2020-03-11 17:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000030008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000029712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tbs.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000028936 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\wci.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\msauserext.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000019984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\mpnotify.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000016912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2020-03-11 17:10 - 2020-03-11 17:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\LaunchTM.exe
2020-03-11 17:10 - 2020-03-11 17:10 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000003584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCertResources.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2020-03-11 17:10 - 2020-03-11 17:10 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUserRes.dll
2020-03-11 17:04 - 2020-02-11 05:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-03-11 17:04 - 2020-02-11 05:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Macromedia

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-27 13:08 - 2019-10-15 16:00 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2020-03-27 13:07 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-03-27 13:04 - 2019-10-11 20:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-25 17:17 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-25 17:04 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-25 16:58 - 2019-10-11 20:30 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2020-03-25 16:51 - 2019-10-11 20:22 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-25 16:51 - 2019-03-19 12:55 - 000716944 _____ C:\Windows\system32\perfh005.dat
2020-03-25 16:51 - 2019-03-19 12:55 - 000145024 _____ C:\Windows\system32\perfc005.dat
2020-03-25 16:51 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-03-25 16:47 - 2019-10-15 17:15 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-25 16:47 - 2019-10-11 20:29 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-03-25 16:47 - 2019-10-11 20:29 - 000003090 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-03-25 16:47 - 2019-10-11 20:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-25 16:47 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-03-25 14:58 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-03-25 14:50 - 2019-10-15 17:02 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2020-03-25 14:00 - 2020-02-06 06:42 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-03-25 13:39 - 2019-10-15 10:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2020-03-25 13:37 - 2019-10-15 09:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-03-25 07:11 - 2019-10-15 09:32 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-25 06:58 - 2019-10-15 12:25 - 000000000 ____D C:\Program Files\Rockstar Games
2020-03-25 06:58 - 2019-10-15 12:01 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-03-25 06:39 - 2019-10-15 10:10 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2020-03-24 11:33 - 2019-10-15 11:04 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2020-03-24 11:33 - 2019-10-11 20:31 - 000000000 ____D C:\ProgramData\Packages
2020-03-24 11:33 - 2019-10-11 20:23 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2020-03-22 20:16 - 2019-10-11 20:28 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-22 14:01 - 2020-02-06 06:42 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-03-22 14:01 - 2020-02-06 06:42 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 14:01 - 2019-10-11 20:25 - 000000000 ___RD C:\Users\Petr\OneDrive
2020-03-21 20:38 - 2019-10-11 20:28 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-03-17 17:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-03-17 17:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-03-17 12:37 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-03-12 00:30 - 2019-10-11 20:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 00:30 - 2019-10-11 20:23 - 000000000 ___RD C:\Users\Petr\3D Objects
2020-03-12 00:30 - 2019-10-11 20:17 - 000258256 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism
2020-03-12 00:28 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-12 00:28 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\servicing
2020-03-11 17:16 - 2019-10-11 20:35 - 000000000 ____D C:\Windows\system32\MRT
2020-03-11 17:14 - 2019-10-11 20:35 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2020-03-25 06:27 - 2020-03-25 16:43 - 000000004 _____ () C:\ProgramData\lock.dat
2020-03-25 06:39 - 2020-03-25 16:46 - 000000004 _____ () C:\ProgramData\rc.dat
2020-03-25 06:27 - 2020-03-25 06:27 - 000000008 _____ () C:\ProgramData\ts.dat
2019-10-11 20:42 - 2019-10-11 20:42 - 000263244 ___SH () C:\Users\Petr\AppData\Roaming\brhesbb
2019-10-11 20:42 - 2019-10-11 20:42 - 000263244 ___SH () C:\Users\Petr\AppData\Roaming\twhbagu
2019-10-11 20:56 - 2019-10-11 20:56 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: prosím o pomoc -havěť v počítači

Napsal: 27 bře 2020 13:11
od tepan
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by Petr (27-03-2020 13:09:56)
Running from C:\Users\Petr\OneDrive\Plocha
Windows 10 Home Version 1903 18362.720 (X64) (2019-10-11 19:18:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4148571483-3592684963-3718319802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4148571483-3592684963-3718319802-503 - Limited - Disabled)
Guest (S-1-5-21-4148571483-3592684963-3718319802-501 - Limited - Disabled)
Petr (S-1-5-21-4148571483-3592684963-3718319802-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4148571483-3592684963-3718319802-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: COMODO Antivirus (Enabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
FW: COMODO Firewall (Enabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.3.2 - Advanced Micro Devices, Inc.)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
COMODO Internet Security Premium (HKLM\...\{C7126FFC-A751-471B-93B4-19439D6AA992}) (Version: 12.0.0.6882 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6882 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}) (Version: 1.3.151.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.473628.151 - Comodo)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.2.404S - GOG.com)
L.A. Noire verzia 1.3.2617 (HKLM-x32\...\L.A. Noire_is1) (Version: 1.3.2617 - CzTorrent.net)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MediaHuman Audio Converter version 1.9.7.13 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.7.13 - MediaHuman)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Outlook Express Backup V6.5 (HKLM-x32\...\Outlook Express Backup_is1) (Version: - Genie-Soft)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
ybtickets version 1.5 (HKLM-x32\...\{2E10F320-572D-47D9-A4D6-4C82A2B06D96}_is1) (Version: 1.5 - ybtickets)

Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.2.0_x86__6bk20wvc8rfx2 [2020-03-24] (Hauke Hasselberg)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.5.9.0_x86__kgqvnymyfvs32 [2020-02-11] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.33.4.0_x86__kgqvnymyfvs32 [2020-03-17] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x64__v10z8vjag6ke6 [2020-02-06] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-28] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0 [2020-03-13] (Spotify AB) [Startup Task]
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-12-09] (Nik Rolls)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-07-31] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-07-31] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll [2020-03-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-03-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-07-31] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-25] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-22 22:47 - 2020-03-22 22:47 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Control Panel\Desktop\\Wallpaper -> D:\Downloads\Pozadí na plochu\19480_en_1.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{19CA3564-3BC3-4629-A1D3-EFAF5725B15A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{948DAE0A-DE11-477B-AD8A-4CE8D715144C}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{842A5EBD-0D7E-4770-85B4-E5CBB3337753}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{08A99968-2A6E-4B84-B659-7411C3A1C900}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D9C80A34-3CBE-4117-900B-CB5014D06C90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D307BFC6-D5B6-459A-AC98-001E72CEF587}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{07EBAADB-1BD7-4B87-A8BF-C1B9C9918340}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{070527AA-7BEB-4FAA-9D79-34D9DF8E8AEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{3B137891-2F41-42A0-B533-AF3C080D443A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4ECB833D-7688-4C50-86B9-304A513C72C7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{7F0F6CCE-2A7F-4E3E-88A2-252897C7950E}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{2E972568-9EEF-4E7B-B441-39DD47462AA8}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [{06D9EF97-79A6-447A-A989-67B59841A499}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E22C8DB-825E-43BA-A509-B0BF61100DA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E39FB9E5-7FE1-41F7-8DC8-A8823B2161E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8F9D2147-C91D-4180-BB0C-7128858763D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BCDDFA5B-64A6-4742-9419-5B9E41DD105F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{06867040-631A-4493-BE05-115411D32EB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF94BA59-C5C4-459C-AD0C-BFB5BDD48EBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD3C271D-4671-4D59-B821-222F7E92A13B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{A16E3C1E-24B7-4A70-93A2-12A9F0E0B10B}D:\instalované hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\instalované hry\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{B951E544-442B-4BFD-9243-3FB6841351CA}D:\instalované hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\instalované hry\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]

==================== Restore Points =========================

11-03-2020 17:03:45 Windows Update
17-03-2020 12:34:48 Windows Update
19-03-2020 13:10:06 Nainstalováno rozhraní DirectX
22-03-2020 20:15:55 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820
25-03-2020 06:58:07 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/25/2020 02:50:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Název chybujícího modulu: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Kód výjimky: 0xc000041d
Posun chyby: 0x00001725
ID chybujícího procesu: 0x424c
Čas spuštění chybující aplikace: 0x01d602ac46d88d0a
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\efwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\efwchvd
ID zprávy: 3317784a-3b92-46d4-8466-be2947f39e97
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 02:50:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Název chybujícího modulu: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Kód výjimky: 0xc0000005
Posun chyby: 0x00001725
ID chybujícího procesu: 0x424c
Čas spuštění chybující aplikace: 0x01d602ac46d88d0a
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\efwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\efwchvd
ID zprávy: c966feb1-1dcd-4aa1-8543-72dc1a2fd3aa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 02:50:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwchvd, verze: 0.0.0.0, časové razítko: 0x5e6f3cde
Název chybujícího modulu: adwchvd, verze: 0.0.0.0, časové razítko: 0x5e6f3cde
Kód výjimky: 0xc0000005
Posun chyby: 0x00001823
ID chybujícího procesu: 0x3a08
Čas spuštění chybující aplikace: 0x01d602ac4767d5bb
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\adwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\adwchvd
ID zprávy: b2704dfe-9797-454c-a484-1d79b6622b24
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 02:40:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Název chybujícího modulu: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Kód výjimky: 0xc000041d
Posun chyby: 0x00001725
ID chybujícího procesu: 0xd88
Čas spuštění chybující aplikace: 0x01d602aae17fd4c3
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\efwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\efwchvd
ID zprávy: e765efbc-27f7-4cd1-8090-aa5f7c5f3031
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 02:40:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Název chybujícího modulu: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Kód výjimky: 0xc0000005
Posun chyby: 0x00001725
ID chybujícího procesu: 0xd88
Čas spuštění chybující aplikace: 0x01d602aae17fd4c3
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\efwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\efwchvd
ID zprávy: 2ea7dc32-56cc-4165-8654-eee02f9f6dc0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 02:40:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwchvd, verze: 0.0.0.0, časové razítko: 0x5e6f3cde
Název chybujícího modulu: adwchvd, verze: 0.0.0.0, časové razítko: 0x5e6f3cde
Kód výjimky: 0xc0000005
Posun chyby: 0x00001823
ID chybujícího procesu: 0x2580
Čas spuštění chybující aplikace: 0x01d602aae1d98734
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\adwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\adwchvd
ID zprávy: f64f9378-28a7-4b3e-84d5-c7fc969be29b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 02:30:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Název chybujícího modulu: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Kód výjimky: 0xc000041d
Posun chyby: 0x00001725
ID chybujícího procesu: 0x13ec
Čas spuštění chybující aplikace: 0x01d602a97b9587c6
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\efwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\efwchvd
ID zprávy: d4640d10-ad1c-48f8-ad13-322f0f151820
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 02:30:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Název chybujícího modulu: efwchvd, verze: 4.7.6.5, časové razítko: 0x5e6f496f
Kód výjimky: 0xc0000005
Posun chyby: 0x00001725
ID chybujícího procesu: 0x13ec
Čas spuštění chybující aplikace: 0x01d602a97b9587c6
Cesta k chybující aplikaci: C:\Users\Petr\AppData\Roaming\efwchvd
Cesta k chybujícímu modulu: C:\Users\Petr\AppData\Roaming\efwchvd
ID zprávy: d298646a-e7e6-4ce1-ad13-60b310b58e9b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/27/2020 01:07:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (03/27/2020 01:04:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (03/25/2020 05:07:23 PM) (Source: DCOM) (EventID: 10010) (User: TEPAN)
Description: Server Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe!App.AppXydmptpzm8pts0mhzrytvzy52ye9x3ttq.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2020 05:07:23 PM) (Source: DCOM) (EventID: 10010) (User: TEPAN)
Description: Server Microsoft.OneConnect_5.2002.431.0_x64__8wekyb3d8bbwe!App.AppXe8pdgw5syxe8pgccbk3mcn5hanwamr0e.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2020 05:00:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (03/25/2020 04:53:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (03/25/2020 04:47:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/25/2020 04:46:57 PM) (Source: DCOM) (EventID: 10010) (User: TEPAN)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-03-25 07:55:30.880
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\lm3rsytbdas\i4og1o43yp2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-25 07:45:29.593
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\kg55ug5tug3\mbuxs2ue2mz.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-25 07:35:28.217
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\gaouz4c1z43\kebsyc0yt21.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-25 07:25:27.406
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\4tbfzr4orun\vskono4vsb2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-25 07:15:26.073
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Kryptik.MJ!ibt
ID: 2147744485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Petr\AppData\Local\Temp\r4okzkylobk\tsc0qa4baqh.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7I5MUS8\Petr
Název procesu: C:\Program Files (x86)\Toptes\756411398.exe
Verze bezpečnostních informací: AV: 1.311.1886.0, AS: 1.311.1886.0, NIS: 1.311.1886.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

CodeIntegrity:
===================================

Date: 2020-03-27 13:09:31.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 13:09:31.261
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-27 13:09:04.635
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 13:09:04.630
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-27 13:09:04.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeSH.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Store signing level requirements.

Date: 2020-03-27 13:09:04.454
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-27 13:08:59.085
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeSH.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard64.dll that did not meet the Store signing level requirements.

Date: 2020-03-27 13:08:59.082
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1804 07/29/2019
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 57%
Total physical RAM: 8128.81 MB
Available physical RAM: 3488.46 MB
Total Virtual: 19065 MB
Available Virtual: 11590.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.91 GB) (Free:31.66 GB) NTFS
Drive d: () (Fixed) (Total:447.13 GB) (Free:38.62 GB) NTFS

\\?\Volume{06f3911c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.17 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 06F39101)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 06F3911C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: prosím o pomoc -havěť v počítači

Napsal: 27 bře 2020 14:58
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
FirewallRules: [{07EBAADB-1BD7-4B87-A8BF-C1B9C9918340}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{070527AA-7BEB-4FAA-9D79-34D9DF8E8AEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
C:\Users\Petr\AppData\Local\Temp
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [BingSvc] => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {34a2c2d5-ec5c-11e9-9cc8-40b0765e7062} - "D:\Launch.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9ab-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9de-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
C:\ProgramData\lock.dat
C:\ProgramData\rc.dat
C:\ProgramData\ts.dat
C:\Users\Petr\AppData\Roaming\brhesbb
C:\Users\Petr\AppData\Roaming\twhbagu

EmptyTemp:
End
Uložte do C:\Users\Petr\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: prosím o pomoc -havěť v počítači

Napsal: 28 bře 2020 06:02
od tepan
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by Petr (28-03-2020 05:59:27) Run:1
Running from C:\Users\Petr\OneDrive\Plocha
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => No File
FirewallRules: [{07EBAADB-1BD7-4B87-A8BF-C1B9C9918340}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{070527AA-7BEB-4FAA-9D79-34D9DF8E8AEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
C:\Users\Petr\AppData\Local\Temp
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\Run: [BingSvc] => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {34a2c2d5-ec5c-11e9-9cc8-40b0765e7062} - "D:\Launch.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9ab-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\...\MountPoints2: {ce33b9de-f281-11e9-9cd2-40b0765e7062} - "E:\HiSuiteDownLoader.exe"
C:\ProgramData\lock.dat
C:\ProgramData\rc.dat
C:\ProgramData\ts.dat
C:\Users\Petr\AppData\Roaming\brhesbb
C:\Users\Petr\AppData\Roaming\twhbagu

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07EBAADB-1BD7-4B87-A8BF-C1B9C9918340}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{070527AA-7BEB-4FAA-9D79-34D9DF8E8AEF}" => removed successfully

"C:\Users\Petr\AppData\Local\Temp" folder move:

Could not move "C:\Users\Petr\AppData\Local\Temp" => Scheduled to move on reboot.

"HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34a2c2d5-ec5c-11e9-9cc8-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce33b9ab-f281-11e9-9cd2-40b0765e7062} => removed successfully
HKU\S-1-5-21-4148571483-3592684963-3718319802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce33b9de-f281-11e9-9cd2-40b0765e7062} => removed successfully
C:\ProgramData\lock.dat => moved successfully
C:\ProgramData\rc.dat => moved successfully
C:\ProgramData\ts.dat => moved successfully
C:\Users\Petr\AppData\Roaming\brhesbb => moved successfully
C:\Users\Petr\AppData\Roaming\twhbagu => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 131274133 B
Java, Flash, Steam htmlcache => 175297621 B
Windows/system/drivers => 191989 B
Edge => 315307688 B
Chrome => 400305511 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 89124 B
NetworkService => 209096 B
Petr => 306679130 B

RecycleBin => 14646 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-03-2020 06:01:06)

C:\Users\Petr\AppData\Local\Temp => moved successfully

==== End of Fixlog 06:01:06 ====

Re: prosím o pomoc -havěť v počítači

Napsal: 28 bře 2020 11:09
od Rudy
Smazáno. Nastala nějaká změna?

Re: prosím o pomoc -havěť v počítači

Napsal: 30 bře 2020 18:12
od tepan
Zatím pop-upy nevyskakují,tak snad bude klid.Zatím moc děkuji.

Re: prosím o pomoc -havěť v počítači

Napsal: 30 bře 2020 18:54
od Rudy
Zatím nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz