Stránka 1 z 2

Prosím o kontrolu, předem děkuji.

Napsal: 26 bře 2020 21:16
od MiniPufi
Ahoj, prosím o kontrolu. Nepozoruju žádné problémy, ale GridinSoft Anti-Malware našel dva trojské koně (mám pouze demo, takže mi to neumožní žádnou možnost řešení). Zkoušela jsem scan přes HitmanPro a Malwarebytes, ty nenašly nic, a Zabezpečení Windows též tvrdí, že nikde nic, ale chtěla bych mít jistotu, že je vše v pořádku. Moc vám děkuju.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by dotro (26-03-2020 20:03:47)
Running from C:\Users\dotro\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-07-28 21:23:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1756291422-3896979012-1980332954-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1756291422-3896979012-1980332954-503 - Limited - Disabled)
dotro (S-1-5-21-1756291422-3896979012-1980332954-1001 - Administrator - Enabled) => C:\Users\dotro
Guest (S-1-5-21-1756291422-3896979012-1980332954-501 - Limited - Disabled)
mufmu (S-1-5-21-1756291422-3896979012-1980332954-1003 - Limited - Disabled) => C:\Users\mufmu
WDAGUtilityAccount (S-1-5-21-1756291422-3896979012-1980332954-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.99 - ICEpower a/s)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.55 - Conexant)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Daphne_x64 (HKLM\...\{D615E111-28D9-4D6D-97CB-78A64CF9D368}) (Version: 2.03.2 - DRK)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{818FF838-5FCD-4FCB-AE39-4F725EBCE2A1}) (Version: 1.1.128.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8461D908F}) (Version: 7.5.1.10334 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{e629f10b-0739-4b42-b774-fe4f4f975ad6}) (Version: 7.5.1.10334 - ExpressVPN)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.36 - Gridinsoft LLC)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.18.312 - SurfRight B.V.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{64FD4757-7186-4F12-9AA8-5EE809CAB282}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.4 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{4D78B137-434D-466E-A4D8-98E7EA3F73E5}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1756291422-3896979012-1980332954-1003\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1756291422-3896979012-1980332954-1005\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.7.0 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.40.26928 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{1dccdcdc-b7df-41e7-8f9f-1a6bc24ba749}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Popcorn-Time (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.34.603.2019 - Realtek)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Spotify (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Spotify) (Version: 1.1.20.510.g7d28aaaa - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{61B90E2F-2DD9-4581-8856-C2441B61571A}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)

Packages:
=========
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-08-25] (Flipboard)
Gameloft Games -> C:\Program Files\WindowsApps\A278AB0D.GameloftGames_1.0.2.6_x86__h6adky7gbf63m [2017-08-25] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-15] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-16] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2017-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\dotro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\dotro\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\dotro\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj

==================== Loaded Modules (Whitelisted) =============

2020-03-18 13:49 - 2020-03-18 13:49 - 000349184 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\530c362724b1556132710f2af59bb795\Interop.CxHDAudioAPILib.ni.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 001680384 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000178688 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-11-29 20:26 - 2017-11-29 20:23 - 001132032 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2019-01-15 20:56 - 2018-12-30 08:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-05-22 17:26 - 2019-05-22 17:26 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-05-22 17:26 - 2019-05-22 17:26 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-05-22 17:26 - 2019-05-25 08:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-01-22 20:38 - 2020-02-25 21:13 - 000000566 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dotro\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\w9.jpg
HKU\S-1-5-21-1756291422-3896979012-1980332954-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1756291422-3896979012-1980332954-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Rainlendar2"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{10B8D559-3C94-41C7-AAC0-E9C6F67F9B9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [{886D7CF1-0C8D-4C96-80DE-96756458C170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [UDP Query User{FBF468D0-B89C-4F81-80B5-AEE0CC044208}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C568AE91-B044-4BD1-B429-1A66FA908AB8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A4FA8F69-7C67-4D9C-9A36-9330148B1E29}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1F1A63F1-D404-411E-BF76-C7FBD712E7BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B55D516D-1CF6-444D-946E-26013135DB4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9534F77C-AD80-415A-B945-8C6D771A422F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0E6BF920-A253-4AD5-AC77-B0F48B1A0CF4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{D68A1C0A-D559-4776-ABAF-0DF21A39E816}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{602A5A5A-C463-4F34-A7FF-FFE5E3200424}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F6BDE84C-54AE-4652-8D87-8FEE006A7991}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [{22A08468-4DA8-4920-A80C-37E93876232C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E519729-B0AA-420F-A20E-E6A627798588}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08CABD94-2E9E-461C-8EC5-EB7932ABC100}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77450043-FF7E-4FAA-B60F-FB1267F9E3AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5D14D78D-EAA0-4C26-AF49-888415371A6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E811AF7D-F4B4-42F6-B7F8-023BD5505D48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{CE75EFAC-FE7A-482C-8285-3BC64A30710B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{30BB7BDA-D449-4CFE-AC63-33555047963E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C3376E6E-6903-42C3-90AC-B70F4E75830B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{146FB848-8E51-4484-BA26-EFB6D72518FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [{7FD87513-9F2A-41E3-B41A-E3235C1DA527}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{CD290337-BC76-4B15-A903-3901B5AB1088}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [UDP Query User{12F1D1E2-52E0-4261-8DE7-9C8C0D81A943}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{076E4CC6-2C7B-412E-9EE5-7253780CAAAE}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9771C1EE-E93F-4920-BDB0-4C9782C52CA1}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8EB31EB5-085A-4C5C-ACC1-F1972154E81B}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6FC22692-569E-4245-B8B8-FFEB5789E5EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{80C28DE1-5B69-45C4-ABE3-11799457400F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{976518B6-1BBE-4CAE-81BE-0AFF974ECD34}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{652398FE-3311-47B2-90EA-EB7CE7210960}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{48776565-E6D8-48F8-9DD9-36F37A2B64D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DBDF2E35-C0E3-45EC-856A-A5446241F760}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{82F9545D-F4A9-4868-8536-C1274AB5F93E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9EAAADA4-75F4-4B69-9F4E-1B660A36BA8F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{78DE6CC1-B5F1-4295-BF72-2D3409C84254}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6C99BFA4-2EAA-4B2A-A1CF-A2E9AB7639D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{67BAAE03-A35E-4A13-BBF0-3AF451AA8F19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CD50837A-BEBC-48CD-AC88-F6F43FD75AB6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B4C62CF0-7925-409C-966E-617241DFCC41}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [TCP Query User{4652710E-E9DA-4A9E-9759-8200C74870F7}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [{1D658475-241C-41B6-A21D-265CF76A01AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3E30868-2119-44A0-AA94-09A106390250}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{494FFA83-8AB5-4C8A-A389-44122599B6A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{15BBB86E-2531-4571-8927-BA6DEBAE4B74}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BCFC64A4-F1B0-409D-96CE-098298E8FE9C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A38DE541-47DC-4CB9-955D-F9BF8C3D7D63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{999FB491-E30C-4B8F-93EE-81D7087CD74E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8667FEB5-B207-490E-94A7-D488A0BD7532}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C2987230-A821-48CC-96E5-C417CCEF3D0B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{05F45A18-5783-4DD9-A6A8-F33AC235FF9B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3C3FC762-FF11-43DA-AE41-A99739D87FF6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BBC6B195-D4E5-438E-BA38-4E5CD3EDBB0F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{35AEE9C0-4509-48FB-B225-B726746EDB3B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{12802B58-5E92-4D8D-B682-B43091876544}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{996DFE4A-3D0F-457F-ACF4-066D75C71AF8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F19A8C55-28AE-41F8-92B7-6BE6AFD821FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [{890A9211-8E31-42F0-8703-754F057F737B}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AA18058B-7DBA-473E-8D0A-5C5457F9E429}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{C36F5E95-6434-465F-90CC-A22864DB96D8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{79D6F840-4AB9-44C8-8A82-8C93A9888D39}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [{3F8605C0-47AA-4DA4-BB60-DA5C0D0FA0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F0F75797-0BB2-46D1-BF38-63240816EB23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F502C942-87A1-435B-BA2B-93C011971CB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE () [File not signed]
FirewallRules: [{0D672FD9-214E-41E2-818C-50F53227F9F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE () [File not signed]
FirewallRules: [UDP Query User{A3800C39-5C70-4A9B-A131-5C99431D2F29}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0D59D5D1-3E6F-4A39-971D-97EFD8BEBECC}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D62B8A63-7108-44D5-B784-2147CF909797}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{55A52BC3-7919-4C14-9346-EC02CEBF5A7F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{199EEC89-3B7E-4D98-90CD-02ECBEC5381A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0A993BE5-E1B8-45C5-9D28-DBA4D6A95847}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{17C64131-1E47-4FDA-8C68-4ADAF5298F31}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{488C3482-9A6A-4ED4-9B9C-5513DC1BE0BA}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{76BA2FDC-2DC1-4A5A-AEEF-8A4D831E0195}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{552C6BB1-1BE4-4464-B891-C6C55A603C0B}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BB83D69B-33CE-4C55-91AB-40F166C72DD4}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6149EC2E-74FE-4D8C-B013-9F7798A925DD}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DFE668C7-AEC2-4717-AD9F-6EA0F0864F50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ibbandobb\ibbobb.exe () [File not signed]
FirewallRules: [{D41572ED-FAE3-4F4D-82BC-D34E58748ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ibbandobb\ibbobb.exe () [File not signed]
FirewallRules: [{20D4A563-8172-4721-AC99-793746FD8164}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{2C53C74A-BCE5-4B10-9256-9AC069B8A6F2}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{2A6CFEF3-E5D5-42E4-AE0E-2D152EBFA756}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{ED6088E4-D000-4491-A1E2-658410D5739B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{5D1F062E-1B25-452A-A238-50C09FD24197}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{7C9A7CAA-5E37-4073-86B1-5EB2413C72C3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{E4A606F9-3F90-4118-A15B-935CA4A37CF1}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{C363D7A1-E528-46AF-91FA-8D2ECCE4666F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2EAE9BA0-A877-40D3-AAE0-5A66571601D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{37D6BB17-0271-4995-9B88-E032A30B2776}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5090D129-9818-41F5-906F-3F506AE9B52A}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FCE6C1E7-1F62-4621-B5FC-353FA87B3AFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{80CBCA5D-446D-47A4-8A2D-82D7F336F0ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ADC1E5C3-3E44-4A91-B18C-44335D6967D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{05A7031D-90D0-47A2-8259-68DD90BBD48F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{322E8357-1FBF-405C-822C-4474BBFA407C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [{E496342C-AEEF-442F-B644-D47FA937E833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [TCP Query User{4EA0A876-892A-44B0-9C71-2FFEBEAED667}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{45776CBD-2D29-41FD-8627-8470B3B6248D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF9F46A6-0028-4CD4-95D2-7F179EDCEA4C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{363F573C-BB1A-4B1E-A13B-4B1537B9D3A1}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [TCP Query User{8B64122B-771D-4693-8188-9002119BE0A6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{DFD35B70-C076-4262-9420-7EAC4BDEB917}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6128AAC6-DEC7-4978-86FC-42E871E7F6F9}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{D0078398-E1AC-4835-8775-FC8BF394D083}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{92DA1E15-D1A7-4E26-9A74-741B003E5A0A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39583EC6-8939-4E61-B051-01B2BCD2D583}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F088AC4B-F213-49B6-8559-E165B3B3B347}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33424736-31A7-4A78-8587-E296A401FBB1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [{F44B3DE2-ABEA-4482-B58C-E219AA87559C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{62C8011D-25A2-461A-8DC5-D72E723C29DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [TCP Query User{0616DC55-9A42-4A08-91AF-82E77D545517}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{66040B4F-67EB-4770-8551-EB108F6232E6}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{CA42F039-E082-4861-A97A-8A62D13753CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86BED0AE-A106-494F-8139-1C927D5F200C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{2A01B94C-D405-48D4-830A-EB346C26EB53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{E743611C-782C-405A-8955-7621CC2C2A84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
FirewallRules: [{A31204B0-906F-41E7-857D-14E10B787618}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
FirewallRules: [{DF69D8DD-AAC9-40E9-8F17-EE816CCD9345}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B24A23AB-BCD5-4027-97C7-98C9B58D9ECC}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F323F4C7-4632-4878-B36E-61E701991B8B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{AAD0D9EE-4E1D-4A4B-844F-C90CE20F237F}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DCF69512-2861-44B6-83AC-12CD61AE2971}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{ED763667-0746-43DE-A45F-D631311FEA41}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B1678D3A-4EEA-4B9B-B864-F220623802F2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{0AAA1AEB-5512-474B-9644-33C6B59F31F6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B6FF0C31-107D-4522-9B07-27B41BBFADB0}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{FF880051-594D-4B18-8C2B-3691DC7F5669}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DD525BD0-8C2D-41CA-BF1E-DEDADAD49753}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{7DF5BFAB-F5E9-4139-AA0A-C96554CE50DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{0FD80381-2A5D-49B5-A4AD-89AA67F3638C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{251FC6D0-3718-489B-A019-DFBA21FD71F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [TCP Query User{E95BC4FA-1AE8-4367-ACD6-062CCE720E36}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [UDP Query User{4AEAEEF0-6764-4B83-BF1D-B74E6340AAA7}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [{89AD1AB8-95DB-43FF-880C-006097039398}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{210C142F-4366-484F-8AD1-079D3E23FEA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]

==================== Restore Points =========================

Check "VSS" service


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/26/2020 07:53:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/26/2020 07:27:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/26/2020 07:16:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.18362.628 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2084

Čas spuštění: 01d60397fb76ebdc

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

ID hlášení: 84ae121c-352d-4b62-8776-f155d5885fb8

Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: SecHealthUI

Typ zablokování: Cross-process

Error: (03/26/2020 07:09:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9784,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/26/2020 07:07:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet


System errors:
=============
Error: (03/26/2020 06:10:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/26/2020 06:10:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).

Error: (03/26/2020 05:29:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/26/2020 05:29:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).

Error: (03/26/2020 12:35:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-03-26 16:45:04.077
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-26 16:41:02.299
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-26 16:40:47.245
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-26 16:40:28.006
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-26 13:26:04.181
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EB63B39F-2240-4482-B9FD-80170A887FA1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-12 19:46:08.424
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1057.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-02-07 21:03:52.544
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.445.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-01-31 19:49:26.049
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.102.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-02-07 20:48:57.712
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-07 20:48:57.705
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-07 20:48:57.600
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-07 20:48:57.592
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-07 20:48:57.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-07 20:48:57.571
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-07 20:48:57.250
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-07 20:48:57.224
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. UX303UB.202 08/27/2015
Motherboard: ASUSTeK COMPUTER INC. UX303UB
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 56%
Total physical RAM: 8090.91 MB
Available physical RAM: 3510.76 MB
Total Virtual: 12698.91 MB
Available Virtual: 6762.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:237.32 GB) (Free:47.32 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{7954d40f-b5ed-48c2-b5f9-cd66c678da1e}\ () (Fixed) (Total:0.88 GB) (Free:0.41 GB) NTFS
\\?\Volume{eb380256-291a-4ac7-91cf-a79771fc0825}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F2CB76F2)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Prosím o kontrolu, předem děkuji.

Napsal: 26 bře 2020 21:55
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 09:47
od MiniPufi
Díky za rychlou odpověď. Pokyny byly naprosto polopatické, netuším, co dělám špatně - po spuštění programu z prvního odkazu jako správce mám možnost Spustit testování, po dokončení se ale neukáže možnost čištění. Mám Výsledky skenování 1/2, kde můžu dát Následující, a Výsledky skenování 2/2, kde můžu označit nalezené věci a dát je do karantény (zatím radši nedělám nic). Vytvořil se pouze Soubor protokolu z testování:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-27-2020
# Duration: 00:00:23
# OS: Windows 10 Home
# Scanned: 32067
# Detected: 31


***** [ Services ] *****

PUP.Optional.Legacy Update service

***** [ Folders ] *****

PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{363F573C-BB1A-4B1E-A13B-4B1537B9D3A1}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BF9F46A6-0028-4CD4-95D2-7F179EDCEA4C}
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSDeviceActivation Folder C:\Program Files (x86)\ASUS\ASUS DEVICE ACTIVATION
Preinstalled.ASUSDeviceActivation Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}
Preinstalled.ASUSGiftBox Folder C:\ProgramData\ASUS\ASUS GIFTBOX DESKTOP
Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\ASUS\ASUS LIVE UPDATE
Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A232DC0B-E779-43C7-8363-3A58780FE28E}
Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}
Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D50A4775-352E-4985-99D9-2D6583476C91}
Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB5520AC-2DBE-40D7-9F12-A0F49C3AA33E}
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 10:52
od Rudy
Ještě klikněte na smazání a pak dejte nové logy FRST+Addition.

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 11:03
od MiniPufi
Pokračovala jsem v procesu, zde Soubor protokolu Clean, níže FRST, v příloze Addition.


# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-27-2020
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

Deleted Update service

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{363F573C-BB1A-4B1E-A13B-4B1537B9D3A1}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BF9F46A6-0028-4CD4-95D2-7F179EDCEA4C}
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4939 octets] - [27/03/2020 09:38:21]
AdwCleaner[S01].txt - [5000 octets] - [27/03/2020 09:42:19]
AdwCleaner[S02].txt - [5061 octets] - [27/03/2020 10:55:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########





Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-03-2020
Ran by dotro (administrator) on DESKTOP-RSIJ9SI (ASUSTeK COMPUTER INC. UX303UB) (27-03-2020 10:58:56)
Running from C:\Users\dotro\Downloads
Loaded Profiles: dotro (Available Profiles: dotro & mufmu)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(GridinSoft, LLC -> Gridinsoft LLC) C:\Program Files\GridinSoft Anti-Malware\gsam.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2017-11-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465288 2019-09-26] (Express Vpn LLC -> ExpressVPN)
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] (Rainy -> )
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3365840 2020-02-11] (Valve -> Valve Corporation)
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Run: [Spotify] => C:\Users\dotro\AppData\Roaming\Spotify\Spotify.exe [21141408 2019-11-25] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [804744 2019-09-26] (Express Vpn LLC -> ExpressVPN)
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\MountPoints2: {678fa282-84b4-11e9-9c1b-185e0f67fa1f} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\MountPoints2: {7181e9fe-d252-11e9-9c2c-185e0f67fa1f} - "D:\OnePlus_setup.exe" /s
Startup: C:\Users\dotro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-03-14]
ShortcutTarget: MEGAsync.lnk -> C:\Users\dotro\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09280696-C37E-4A29-B63A-C9138CD2F161} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C966CC9-6915-4019-B211-B37829E256E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1511A147-D16C-4360-A13E-6BFF9C134363} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {2064EC72-F4B8-4662-BB89-A5CA4A99D20F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {29C152E5-CA88-42EE-A692-B2A06857E6FD} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35F0FE16-ACC2-4A54-AC88-153CB994A156} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443424 2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {46EA84E5-1EE8-4DA0-935B-44C9ACDB069D} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {472E8F8E-AA01-462A-B00C-4DDFF9DFE14B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61638E6D-73B1-4A9E-9B43-D509A5A92406} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-12] (Adobe Inc. -> Adobe)
Task: {65532C97-D637-4AA3-8027-F7E4E23009F3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1756291422-3896979012-1980332954-1003 => C:\Users\dotro\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {71DB1D4B-45FA-4346-8776-53F39E4B0C78} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73442A46-7475-4392-91AB-ADE7D31D3963} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7530B553-33CB-4BE5-B652-0F96F83CACB2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {7DBC72BE-8960-4A81-9336-BCD106F25989} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {7E9E9DF6-183C-4CB5-8521-DD635AC07DED} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [179856 2015-05-29] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {7F7930BD-E22A-4CBB-BC10-A4E3FCFC6C94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {82EBDE07-87B5-4CA9-9618-346D578D8A3F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-12] (Adobe Inc. -> Adobe)
Task: {8D01E7CF-C597-4CDC-825F-ED78A376DF2C} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [23133096 2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
Task: {92CE0D27-3046-408A-B3A8-C8502A2800BC} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {99A658D1-DE74-4EB8-8EFF-9213B9D2A644} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A05F3E6-4AFA-49D4-AE73-1F91E4EFFA6A} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {9E5C0D86-1938-4EB8-B9EC-CBBBF22BE499} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A232DC0B-E779-43C7-8363-3A58780FE28E} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {A62623E7-56A0-4C86-A85D-1AFED87A4C32} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ADEDF141-0BF8-4261-807F-020056E8AFDE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {B4B86387-ED34-4583-BE47-89EE7AF92466} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC205016-6013-40CC-9903-C60D5A44B08D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6C01FC1-7D6F-43A3-A135-78D8E71065C8} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C7314CE9-97B0-43D5-A227-ED0B87DBE5E3} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C9224DBA-2C75-40BD-95C0-651D32782EB4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D50A4775-352E-4985-99D9-2D6583476C91} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-14] (ASUSTeK Computer Inc. -> AsusTek)
Task: {D56890AD-140C-4D0E-AD53-63141C580A8F} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {D780628D-6E15-4232-A4D1-3CB1B910F0E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D92F37D9-A853-40F1-AAE1-55C34B67563D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1756291422-3896979012-1980332954-1005 => C:\Users\dotro\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {DB5520AC-2DBE-40D7-9F12-A0F49C3AA33E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [File not signed]
Task: {EF6AC5CA-8666-414A-AD2D-5AB7E196CD86} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F3F4D75D-27FA-451C-9E4B-79D3C17396D3} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {FFC99FEA-5C58-44F1-B7BE-185D854E721A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFEE47BF-278F-4471-AFF9-6C89AF620CAC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0cdf720a-4a69-49d2-8af6-043b67ba764b}: [DhcpNameServer] 10.126.0.1
Tcpip\..\Interfaces\{17943fd1-64cb-4665-acc3-bd5d0ee81d9e}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{215defe6-c7d1-4b97-b767-6ab8ac16fb4f}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{8696dbb3-a3d4-41de-9e84-1dec9aceff8c}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180608__yaie
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180608__yaie&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-11] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: piqv66ox.default
FF ProfilePath: C:\Users\dotro\AppData\Roaming\Mozilla\Firefox\Profiles\piqv66ox.default [2020-03-27]
FF Homepage: Mozilla\Firefox\Profiles\piqv66ox.default -> seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\piqv66ox.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180608__yaff
FF NetworkProxy: Mozilla\Firefox\Profiles\piqv66ox.default -> backup.ftp", ""
FF Extension: (EPUBReader) - C:\Users\dotro\AppData\Roaming\Mozilla\Firefox\Profiles\piqv66ox.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2019-11-01]
FF Extension: (No Name) - C:\Users\dotro\AppData\Roaming\Mozilla\Firefox\Profiles\piqv66ox.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-03-26]
FF SearchPlugin: C:\Users\dotro\AppData\Roaming\Mozilla\Firefox\Profiles\piqv66ox.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-06-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default [2020-03-26]
CHR Extension: (Prezentace) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-16]
CHR Extension: (Dokumenty) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-16]
CHR Extension: (Disk Google) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-16]
CHR Extension: (YouTube) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-16]
CHR Extension: (Tabulky) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-16]
CHR Extension: (Gmail) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\dotro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1547200 2017-10-22] (Epic Games Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel(R) Software -> Intel Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-09-26] (Express Vpn LLC -> ExpressVPN)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [529984 2017-08-27] (GOG Limited -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-27] (GOG Limited -> GOG.com)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2017-08-26] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel(R) Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175728 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [427224 2017-11-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel(R) Software -> Intel Corporation)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2019-09-26] (ExprsVPN LLC -> ExpressVPN)
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2020-01-16] (GridinSoft, LLC -> GridinSoft LLC)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2017-08-26] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7708160 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_87707a61a7faf7b5\nvlddmkm.sys [20746632 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [593488 2020-02-02] (Realtek Semiconductor Corp. -> Realtek Corporation )
R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2019-09-26] (ExprsVPN LLC -> The OpenVPN Project)
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [38216 2020-01-16] (GridinSoft, LLC -> GridinSoft LLC)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-02-16] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-27 09:37 - 2020-03-27 10:55 - 000000000 ____D C:\AdwCleaner
2020-03-27 09:35 - 2020-03-27 09:35 - 008199856 _____ (Malwarebytes) C:\Users\dotro\Downloads\adwcleaner_8.0.3.exe
2020-03-26 19:06 - 2020-03-27 10:59 - 000033107 _____ C:\Users\dotro\Downloads\FRST.txt
2020-03-26 19:06 - 2020-03-27 10:59 - 000000000 ____D C:\FRST
2020-03-26 19:05 - 2020-03-26 19:05 - 002279936 _____ (Farbar) C:\Users\dotro\Downloads\FRST64.exe
2020-03-26 18:51 - 2020-03-26 21:29 - 000057728 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2020-03-26 18:51 - 2020-03-26 21:28 - 000000000 ____D C:\Program Files\HitmanPro
2020-03-26 18:50 - 2020-03-26 18:55 - 000000000 ____D C:\ProgramData\HitmanPro
2020-03-26 18:43 - 2020-03-26 18:43 - 000000000 ____D C:\Users\dotro\AppData\Local\mbamtray
2020-03-26 18:43 - 2020-03-26 18:43 - 000000000 ____D C:\Users\dotro\AppData\Local\mbam
2020-03-26 18:16 - 2020-03-27 10:56 - 000003324 _____ C:\WINDOWS\system32\Tasks\GridinSoft Anti-Malware
2020-03-26 18:16 - 2020-03-27 09:32 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-03-26 18:16 - 2020-03-26 18:16 - 000001123 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2020-03-26 18:16 - 2020-03-26 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-03-26 18:16 - 2020-03-26 18:16 - 000000000 ____D C:\ProgramData\GridinSoft
2020-03-26 18:15 - 2020-03-26 18:15 - 000989584 _____ (GridinSoft LLC) C:\Users\dotro\Downloads\install-antimalware-fix.exe
2020-03-23 15:33 - 2020-03-23 15:37 - 079833422 _____ C:\Users\dotro\Desktop\Zaklínač VI - Věž vlaštovky.pdf
2020-03-23 13:14 - 2020-03-25 15:53 - 000000000 ____D C:\Users\dotro\AppData\Roaming\Crash Bandicoot(TM) N. Sane Trilogy
2020-03-21 14:47 - 2019-03-18 15:20 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2020-03-21 14:47 - 2019-03-18 15:19 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2020-03-21 14:47 - 2019-03-18 15:07 - 006359552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2020-03-21 14:47 - 2019-03-18 15:01 - 005496832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2020-03-16 21:37 - 2020-03-16 21:46 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-16 21:37 - 2020-03-16 21:44 - 000000000 ____D C:\Users\dotro\AppData\Local\Google
2020-03-14 19:58 - 2020-03-14 19:58 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-14 19:58 - 2020-03-14 19:58 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-14 19:58 - 2020-03-14 19:58 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-14 19:58 - 2020-03-14 19:58 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-14 19:58 - 2020-03-14 19:58 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-14 19:58 - 2020-03-14 19:58 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-14 19:58 - 2020-03-14 19:58 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-14 19:58 - 2020-03-14 19:58 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-14 19:58 - 2020-03-14 19:58 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-14 19:58 - 2020-03-14 19:58 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-14 19:58 - 2020-03-14 19:58 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-13 09:53 - 2020-03-14 14:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-12 16:28 - 2020-03-12 16:28 - 000000000 ____D C:\Users\dotro\Desktop\Otázka č. 18
2020-03-12 10:48 - 2020-03-12 10:48 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-12 10:48 - 2020-03-12 10:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-12 10:48 - 2020-03-12 10:48 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-12 10:48 - 2020-03-12 10:48 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-12 10:48 - 2020-03-12 10:48 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-12 10:48 - 2020-03-12 10:48 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-12 10:48 - 2020-03-12 10:48 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-12 10:48 - 2020-03-12 10:48 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-12 10:48 - 2020-03-12 10:48 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-12 10:48 - 2020-03-12 10:48 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-12 10:48 - 2020-03-12 10:48 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-12 10:48 - 2020-03-12 10:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-12 10:48 - 2020-03-12 10:48 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-12 10:48 - 2020-03-12 10:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-12 10:48 - 2020-03-12 10:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-12 10:42 - 2020-02-11 05:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-12 10:42 - 2020-02-11 05:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-11 15:04 - 2020-03-12 22:25 - 000000000 ___RD C:\Users\dotro\Desktop\FSV

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-27 10:58 - 2017-08-26 20:30 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-27 10:56 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-27 10:56 - 2017-08-24 19:27 - 000000000 ____D C:\Users\dotro\AppData\LocalLow\Mozilla
2020-03-27 10:56 - 2017-08-24 19:25 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2020-03-27 10:56 - 2017-08-24 19:10 - 000000000 __SHD C:\Users\dotro\IntelGraphicsProfiles
2020-03-27 10:55 - 2019-07-28 22:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-27 10:55 - 2019-03-19 05:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-03-26 22:09 - 2019-07-28 22:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-26 21:35 - 2019-07-28 22:26 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-26 21:35 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-26 21:35 - 2019-03-19 12:55 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-26 21:35 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-26 21:29 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-26 21:29 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-03-26 18:43 - 2019-05-04 10:50 - 000000000 ____D C:\Users\dotro\AppData\Local\cache
2020-03-26 17:30 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-26 17:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-26 17:17 - 2017-08-24 20:41 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-26 16:05 - 2017-12-03 08:16 - 000000000 ____D C:\Users\dotro\AppData\Local\Packages
2020-03-26 09:38 - 2017-08-25 15:52 - 000000000 ____D C:\KMPlayer
2020-03-25 19:01 - 2019-03-14 20:13 - 000000000 ____D C:\Users\dotro\AppData\Local\MEGAsync
2020-03-25 17:29 - 2017-08-24 20:36 - 000000000 ____D C:\Users\dotro\AppData\Local\Spotify
2020-03-25 17:26 - 2017-08-24 20:36 - 000000000 ____D C:\Users\dotro\AppData\Roaming\Spotify
2020-03-25 16:01 - 2017-10-22 19:19 - 000000000 ___RD C:\Users\dotro\Desktop\Hry
2020-03-25 12:58 - 2018-03-01 18:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-24 17:01 - 2020-02-04 22:42 - 000000000 ____D C:\Users\dotro\Downloads\HUDBA
2020-03-22 10:53 - 2018-06-03 18:55 - 000000000 ____D C:\Users\dotro\AppData\Local\PlaceholderTileLogoFolder
2020-03-21 14:52 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-03-21 14:52 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-03-21 14:52 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-21 14:52 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-03-21 14:52 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-21 14:52 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-21 14:47 - 2019-03-19 12:57 - 000000000 ____D C:\WINDOWS\OCR
2020-03-20 20:18 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-03-18 14:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-03-17 17:59 - 2019-07-28 22:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-17 17:59 - 2017-08-24 20:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-17 09:47 - 2015-08-15 06:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-15 11:08 - 2017-08-24 19:46 - 000000000 ___RD C:\Users\dotro\Desktop\Práce
2020-03-14 23:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-14 23:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-14 14:30 - 2017-08-24 19:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-13 10:18 - 2017-08-24 19:27 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-03-12 19:35 - 2019-07-28 22:13 - 000448064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-12 19:35 - 2017-10-26 19:18 - 000000000 ___RD C:\Users\dotro\3D Objects
2020-03-12 19:35 - 2015-12-18 09:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-12 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-12 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-12 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-12 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-12 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-12 15:07 - 2019-07-28 22:23 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-12 15:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-12 15:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-03-12 10:53 - 2017-08-26 11:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-12 10:51 - 2017-08-26 11:42 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-29 13:06 - 2017-09-09 20:06 - 000000000 ____D C:\Users\dotro\AppData\Roaming\uTorrent
2020-02-29 13:05 - 2019-04-06 17:09 - 000000000 ____D C:\Users\dotro\AppData\Local\BitTorrentHelper

==================== Files in the root of some directories ========

2017-08-24 19:10 - 2019-07-28 20:46 - 000000165 _____ () C:\Users\dotro\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 14:45
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\MountPoints2: {678fa282-84b4-11e9-9c1b-185e0f67fa1f} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\MountPoints2: {7181e9fe-d252-11e9-9c2c-185e0f67fa1f} - "D:\OnePlus_setup.exe" /s
SearchScopes: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
FirewallRules: [UDP Query User{FBF468D0-B89C-4F81-80B5-AEE0CC044208}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C568AE91-B044-4BD1-B429-1A66FA908AB8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A4FA8F69-7C67-4D9C-9A36-9330148B1E29}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1F1A63F1-D404-411E-BF76-C7FBD712E7BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B55D516D-1CF6-444D-946E-26013135DB4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9534F77C-AD80-415A-B945-8C6D771A422F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0E6BF920-A253-4AD5-AC77-B0F48B1A0CF4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{D68A1C0A-D559-4776-ABAF-0DF21A39E816}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{602A5A5A-C463-4F34-A7FF-FFE5E3200424}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F6BDE84C-54AE-4652-8D87-8FEE006A7991}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{CE75EFAC-FE7A-482C-8285-3BC64A30710B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{30BB7BDA-D449-4CFE-AC63-33555047963E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C3376E6E-6903-42C3-90AC-B70F4E75830B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{146FB848-8E51-4484-BA26-EFB6D72518FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6FC22692-569E-4245-B8B8-FFEB5789E5EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{80C28DE1-5B69-45C4-ABE3-11799457400F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{976518B6-1BBE-4CAE-81BE-0AFF974ECD34}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{652398FE-3311-47B2-90EA-EB7CE7210960}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{48776565-E6D8-48F8-9DD9-36F37A2B64D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DBDF2E35-C0E3-45EC-856A-A5446241F760}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{82F9545D-F4A9-4868-8536-C1274AB5F93E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9EAAADA4-75F4-4B69-9F4E-1B660A36BA8F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{78DE6CC1-B5F1-4295-BF72-2D3409C84254}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6C99BFA4-2EAA-4B2A-A1CF-A2E9AB7639D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{67BAAE03-A35E-4A13-BBF0-3AF451AA8F19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CD50837A-BEBC-48CD-AC88-F6F43FD75AB6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B4C62CF0-7925-409C-966E-617241DFCC41}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [TCP Query User{4652710E-E9DA-4A9E-9759-8200C74870F7}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [UDP Query User{494FFA83-8AB5-4C8A-A389-44122599B6A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{15BBB86E-2531-4571-8927-BA6DEBAE4B74}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BCFC64A4-F1B0-409D-96CE-098298E8FE9C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A38DE541-47DC-4CB9-955D-F9BF8C3D7D63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{999FB491-E30C-4B8F-93EE-81D7087CD74E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8667FEB5-B207-490E-94A7-D488A0BD7532}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C2987230-A821-48CC-96E5-C417CCEF3D0B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{05F45A18-5783-4DD9-A6A8-F33AC235FF9B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3C3FC762-FF11-43DA-AE41-A99739D87FF6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BBC6B195-D4E5-438E-BA38-4E5CD3EDBB0F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{35AEE9C0-4509-48FB-B225-B726746EDB3B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{12802B58-5E92-4D8D-B682-B43091876544}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{996DFE4A-3D0F-457F-ACF4-066D75C71AF8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F19A8C55-28AE-41F8-92B7-6BE6AFD821FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C36F5E95-6434-465F-90CC-A22864DB96D8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{79D6F840-4AB9-44C8-8A82-8C93A9888D39}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [{3F8605C0-47AA-4DA4-BB60-DA5C0D0FA0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F0F75797-0BB2-46D1-BF38-63240816EB23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{2C53C74A-BCE5-4B10-9256-9AC069B8A6F2}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{E4A606F9-3F90-4118-A15B-935CA4A37CF1}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{ADC1E5C3-3E44-4A91-B18C-44335D6967D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{05A7031D-90D0-47A2-8259-68DD90BBD48F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{8B64122B-771D-4693-8188-9002119BE0A6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{DFD35B70-C076-4262-9420-7EAC4BDEB917}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6128AAC6-DEC7-4978-86FC-42E871E7F6F9}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{D0078398-E1AC-4835-8775-FC8BF394D083}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{92DA1E15-D1A7-4E26-9A74-741B003E5A0A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39583EC6-8939-4E61-B051-01B2BCD2D583}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F088AC4B-F213-49B6-8559-E165B3B3B347}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33424736-31A7-4A78-8587-E296A401FBB1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [{DF69D8DD-AAC9-40E9-8F17-EE816CCD9345}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B24A23AB-BCD5-4027-97C7-98C9B58D9ECC}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F323F4C7-4632-4878-B36E-61E701991B8B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{AAD0D9EE-4E1D-4A4B-844F-C90CE20F237F}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DCF69512-2861-44B6-83AC-12CD61AE2971}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{ED763667-0746-43DE-A45F-D631311FEA41}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B1678D3A-4EEA-4B9B-B864-F220623802F2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{0AAA1AEB-5512-474B-9644-33C6B59F31F6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B6FF0C31-107D-4522-9B07-27B41BBFADB0}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{FF880051-594D-4B18-8C2B-3691DC7F5669}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{E95BC4FA-1AE8-4367-ACD6-062CCE720E36}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [UDP Query User{4AEAEEF0-6764-4B83-BF1D-B74E6340AAA7}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
D:\setup.exe

EmptyTemp:
End
Uložte do C:\Users\dotro\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 14:57
od MiniPufi
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by dotro (27-03-2020 14:53:43) Run:1
Running from C:\Users\dotro\Downloads
Loaded Profiles: dotro (Available Profiles: dotro & mufmu)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\MountPoints2: {678fa282-84b4-11e9-9c1b-185e0f67fa1f} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\MountPoints2: {7181e9fe-d252-11e9-9c2c-185e0f67fa1f} - "D:\OnePlus_setup.exe" /s
SearchScopes: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
FirewallRules: [UDP Query User{FBF468D0-B89C-4F81-80B5-AEE0CC044208}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C568AE91-B044-4BD1-B429-1A66FA908AB8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A4FA8F69-7C67-4D9C-9A36-9330148B1E29}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1F1A63F1-D404-411E-BF76-C7FBD712E7BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B55D516D-1CF6-444D-946E-26013135DB4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9534F77C-AD80-415A-B945-8C6D771A422F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0E6BF920-A253-4AD5-AC77-B0F48B1A0CF4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{D68A1C0A-D559-4776-ABAF-0DF21A39E816}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{602A5A5A-C463-4F34-A7FF-FFE5E3200424}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F6BDE84C-54AE-4652-8D87-8FEE006A7991}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{CE75EFAC-FE7A-482C-8285-3BC64A30710B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{30BB7BDA-D449-4CFE-AC63-33555047963E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C3376E6E-6903-42C3-90AC-B70F4E75830B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{146FB848-8E51-4484-BA26-EFB6D72518FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6FC22692-569E-4245-B8B8-FFEB5789E5EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{80C28DE1-5B69-45C4-ABE3-11799457400F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{976518B6-1BBE-4CAE-81BE-0AFF974ECD34}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{652398FE-3311-47B2-90EA-EB7CE7210960}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{48776565-E6D8-48F8-9DD9-36F37A2B64D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DBDF2E35-C0E3-45EC-856A-A5446241F760}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{82F9545D-F4A9-4868-8536-C1274AB5F93E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9EAAADA4-75F4-4B69-9F4E-1B660A36BA8F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{78DE6CC1-B5F1-4295-BF72-2D3409C84254}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6C99BFA4-2EAA-4B2A-A1CF-A2E9AB7639D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{67BAAE03-A35E-4A13-BBF0-3AF451AA8F19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CD50837A-BEBC-48CD-AC88-F6F43FD75AB6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B4C62CF0-7925-409C-966E-617241DFCC41}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [TCP Query User{4652710E-E9DA-4A9E-9759-8200C74870F7}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [UDP Query User{494FFA83-8AB5-4C8A-A389-44122599B6A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{15BBB86E-2531-4571-8927-BA6DEBAE4B74}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BCFC64A4-F1B0-409D-96CE-098298E8FE9C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A38DE541-47DC-4CB9-955D-F9BF8C3D7D63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{999FB491-E30C-4B8F-93EE-81D7087CD74E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8667FEB5-B207-490E-94A7-D488A0BD7532}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C2987230-A821-48CC-96E5-C417CCEF3D0B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{05F45A18-5783-4DD9-A6A8-F33AC235FF9B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3C3FC762-FF11-43DA-AE41-A99739D87FF6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BBC6B195-D4E5-438E-BA38-4E5CD3EDBB0F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{35AEE9C0-4509-48FB-B225-B726746EDB3B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{12802B58-5E92-4D8D-B682-B43091876544}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{996DFE4A-3D0F-457F-ACF4-066D75C71AF8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F19A8C55-28AE-41F8-92B7-6BE6AFD821FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C36F5E95-6434-465F-90CC-A22864DB96D8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{79D6F840-4AB9-44C8-8A82-8C93A9888D39}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [{3F8605C0-47AA-4DA4-BB60-DA5C0D0FA0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F0F75797-0BB2-46D1-BF38-63240816EB23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{2C53C74A-BCE5-4B10-9256-9AC069B8A6F2}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{E4A606F9-3F90-4118-A15B-935CA4A37CF1}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{ADC1E5C3-3E44-4A91-B18C-44335D6967D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{05A7031D-90D0-47A2-8259-68DD90BBD48F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{8B64122B-771D-4693-8188-9002119BE0A6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{DFD35B70-C076-4262-9420-7EAC4BDEB917}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6128AAC6-DEC7-4978-86FC-42E871E7F6F9}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{D0078398-E1AC-4835-8775-FC8BF394D083}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{92DA1E15-D1A7-4E26-9A74-741B003E5A0A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39583EC6-8939-4E61-B051-01B2BCD2D583}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F088AC4B-F213-49B6-8559-E165B3B3B347}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33424736-31A7-4A78-8587-E296A401FBB1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [{DF69D8DD-AAC9-40E9-8F17-EE816CCD9345}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B24A23AB-BCD5-4027-97C7-98C9B58D9ECC}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F323F4C7-4632-4878-B36E-61E701991B8B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{AAD0D9EE-4E1D-4A4B-844F-C90CE20F237F}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DCF69512-2861-44B6-83AC-12CD61AE2971}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{ED763667-0746-43DE-A45F-D631311FEA41}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B1678D3A-4EEA-4B9B-B864-F220623802F2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{0AAA1AEB-5512-474B-9644-33C6B59F31F6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B6FF0C31-107D-4522-9B07-27B41BBFADB0}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{FF880051-594D-4B18-8C2B-3691DC7F5669}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{E95BC4FA-1AE8-4367-ACD6-062CCE720E36}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [UDP Query User{4AEAEEF0-6764-4B83-BF1D-B74E6340AAA7}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
D:\setup.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{678fa282-84b4-11e9-9c1b-185e0f67fa1f} => removed successfully
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7181e9fe-d252-11e9-9c2c-185e0f67fa1f} => removed successfully
"HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DRKShell => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\DRKShell => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FBF468D0-B89C-4F81-80B5-AEE0CC044208}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C568AE91-B044-4BD1-B429-1A66FA908AB8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A4FA8F69-7C67-4D9C-9A36-9330148B1E29}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1F1A63F1-D404-411E-BF76-C7FBD712E7BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B55D516D-1CF6-444D-946E-26013135DB4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9534F77C-AD80-415A-B945-8C6D771A422F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0E6BF920-A253-4AD5-AC77-B0F48B1A0CF4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D68A1C0A-D559-4776-ABAF-0DF21A39E816}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{602A5A5A-C463-4F34-A7FF-FFE5E3200424}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F6BDE84C-54AE-4652-8D87-8FEE006A7991}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE75EFAC-FE7A-482C-8285-3BC64A30710B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30BB7BDA-D449-4CFE-AC63-33555047963E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C3376E6E-6903-42C3-90AC-B70F4E75830B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{146FB848-8E51-4484-BA26-EFB6D72518FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6FC22692-569E-4245-B8B8-FFEB5789E5EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{80C28DE1-5B69-45C4-ABE3-11799457400F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{976518B6-1BBE-4CAE-81BE-0AFF974ECD34}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{652398FE-3311-47B2-90EA-EB7CE7210960}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{48776565-E6D8-48F8-9DD9-36F37A2B64D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DBDF2E35-C0E3-45EC-856A-A5446241F760}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{82F9545D-F4A9-4868-8536-C1274AB5F93E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9EAAADA4-75F4-4B69-9F4E-1B660A36BA8F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{78DE6CC1-B5F1-4295-BF72-2D3409C84254}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6C99BFA4-2EAA-4B2A-A1CF-A2E9AB7639D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{67BAAE03-A35E-4A13-BBF0-3AF451AA8F19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD50837A-BEBC-48CD-AC88-F6F43FD75AB6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B4C62CF0-7925-409C-966E-617241DFCC41}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4652710E-E9DA-4A9E-9759-8200C74870F7}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{494FFA83-8AB5-4C8A-A389-44122599B6A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{15BBB86E-2531-4571-8927-BA6DEBAE4B74}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BCFC64A4-F1B0-409D-96CE-098298E8FE9C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A38DE541-47DC-4CB9-955D-F9BF8C3D7D63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{999FB491-E30C-4B8F-93EE-81D7087CD74E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8667FEB5-B207-490E-94A7-D488A0BD7532}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C2987230-A821-48CC-96E5-C417CCEF3D0B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{05F45A18-5783-4DD9-A6A8-F33AC235FF9B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3C3FC762-FF11-43DA-AE41-A99739D87FF6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BBC6B195-D4E5-438E-BA38-4E5CD3EDBB0F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{35AEE9C0-4509-48FB-B225-B726746EDB3B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{12802B58-5E92-4D8D-B682-B43091876544}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{996DFE4A-3D0F-457F-ACF4-066D75C71AF8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F19A8C55-28AE-41F8-92B7-6BE6AFD821FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C36F5E95-6434-465F-90CC-A22864DB96D8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79D6F840-4AB9-44C8-8A82-8C93A9888D39}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F8605C0-47AA-4DA4-BB60-DA5C0D0FA0A1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0F75797-0BB2-46D1-BF38-63240816EB23}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C53C74A-BCE5-4B10-9256-9AC069B8A6F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4A606F9-3F90-4118-A15B-935CA4A37CF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADC1E5C3-3E44-4A91-B18C-44335D6967D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05A7031D-90D0-47A2-8259-68DD90BBD48F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B64122B-771D-4693-8188-9002119BE0A6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DFD35B70-C076-4262-9420-7EAC4BDEB917}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6128AAC6-DEC7-4978-86FC-42E871E7F6F9}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D0078398-E1AC-4835-8775-FC8BF394D083}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{92DA1E15-D1A7-4E26-9A74-741B003E5A0A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{39583EC6-8939-4E61-B051-01B2BCD2D583}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F088AC4B-F213-49B6-8559-E165B3B3B347}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{33424736-31A7-4A78-8587-E296A401FBB1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF69D8DD-AAC9-40E9-8F17-EE816CCD9345}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B24A23AB-BCD5-4027-97C7-98C9B58D9ECC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F323F4C7-4632-4878-B36E-61E701991B8B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAD0D9EE-4E1D-4A4B-844F-C90CE20F237F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DCF69512-2861-44B6-83AC-12CD61AE2971}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED763667-0746-43DE-A45F-D631311FEA41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1678D3A-4EEA-4B9B-B864-F220623802F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0AAA1AEB-5512-474B-9644-33C6B59F31F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B6FF0C31-107D-4522-9B07-27B41BBFADB0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF880051-594D-4B18-8C2B-3691DC7F5669}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E95BC4FA-1AE8-4367-ACD6-062CCE720E36}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4AEAEEF0-6764-4B83-BF1D-B74E6340AAA7}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe" => removed successfully
"D:\setup.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 129757527 B
Java, Flash, Steam htmlcache => 381772110 B
Windows/system/drivers => 14924547 B
Edge => 2901953 B
Chrome => 34310492 B
Firefox => 1267055798 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11720 B
NetworkService => 380326 B
dotro => 31171353 B
mufmu => 31209892 B
mufmu_dzfdo8n => 31245428 B

RecycleBin => 189890 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:55:12 ====

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 14:59
od Rudy
Smazáno, log by již měl být OK.

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 16:08
od MiniPufi
Moc díky :) GridinSoft Anti-Malware toho teď ukazuje míň, ale na těch dvou trojských koních si trvá (Trojan.U.CoinMiner) - snaží se mě donutit koupit si plnou verzi, nebo je tu ještě něco, co můžu udělat?

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 16:57
od Rudy
Které jsou to soubory? Gridin AV není zrovna důvěryhodný soft.

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 17:22
od MiniPufi
Rovnou říkám že o tom antiviru nic nevím, narazila jsem na něj tak, že jsem hledala informace o trojském koni a na tenhle antivir mi vyběhlo nejvíc doporučení, tak jsem ho zkusila (ale jak jsem psala, žádný jiný nic nenašel).

Po dokončení procesu zde na Fóru mi Scan ukazuje tři "červené" věci:

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 18:00
od Rudy
1. 2 položky jsou instalační od windows. Poslední je klíč vyhledávače internet exploreru. Myslím, že není co řešit, antivir asi bude poněkud paranoidní. Můžete soubory otestoavat online na www.virustotal.com .

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 18:17
od MiniPufi
U první i druhé položky vidí problém ESET a Rising, ESET - A Variant Of Win32/NSSM.D Potentially Unsafe, Rising - Worm.Win32.FTP/BitCoinMiner-Botnet!1.ACDC (CLASSIC).

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 18:52
od Rudy
Pak se tedy maskují za něco microsoftího. I pro mne nový poznatek. Soubory smažte.

Re: Prosím o kontrolu, předem děkuji.

Napsal: 27 bře 2020 19:14
od MiniPufi
Odstraněno :) Ještě jednou moc děkuju za pomoc a za rychlé reakce :)