VIRY.CZ

Pomalé PC, prosím o kontrolu. Děkuji

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Zdravím.
Já mám asi jinou verzi programu, protože takové možnosti jaké píšete bohužel nemám...
(stahoval jsem z přiloženého odkazu)

To není on. Jde o ADWCleaner: https://toolslib.net/downloads/viewdown ... dwcleaner/ .

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-01-2020
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Michael7\AppData\Roaming\Seznam.cz
Deleted C:\Users\Michael7\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\RegisteredApplications|AceStream
Deleted HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

Deleted Seznam Lištička - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam Lištička - Rychlá volba - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2124 octets] - [01/04/2020 20:59:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by Michael7 (administrator) on MICHAEL (01-04-2020 21:59:37)
Running from E:\Users\Michael7\Downloads
Loaded Profiles: Michael7 (Available Profiles: Michael7)
Platform: Windows 10 Pro Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Google Inc -> Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc -> Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Michael7\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Qualcomm Atheros) [File not signed] C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Shenzhen Thinksky Technology Co.,Ltd -> ) C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
(Syntek Ltd.) [File not signed] C:\Windows\STK03N\STK03NM.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1570672 2015-03-28] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [324216 2017-10-10] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174328 2015-10-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3024920 2020-03-27] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\Run: [GoogleChromeAutoLaunch_AE53FDA411D0266EA70E241AE3C1E3F0] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\MountPoints2: {43aec703-b36a-11e7-bf17-bc5ff4e5f1bb} - "H:\setup.exe"
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-10-29]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Qualcomm Atheros, Inc. -> Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK03N PNP Monitor.lnk [2016-03-23]
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\Windows\STK03N\STK03NM.exe (Syntek Ltd.) [File not signed]
Startup: C:\Users\Michael7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jarvee.lnk [2019-02-05]
ShortcutTarget: Jarvee.lnk -> C:\Users\Michael7\AppData\Roaming\Jarvee\Jarvee.exe (No File)
Startup: C:\Users\Michael7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MassPlanner2.lnk [2018-10-08]
ShortcutTarget: MassPlanner2.lnk -> C:\Users\Michael7\AppData\Roaming\MP\MassPlannerNew.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E56B97-E54F-4328-AE33-57842EF34373} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0793FA58-93D1-48A3-9234-A5B1CB3D076B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {083A6183-4AEF-40C6-8424-1484BF42890F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0ABC4259-E5DC-4176-9364-1AC436CC9179} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0CC7FA05-BB6B-4B21-ABC1-EE68F074F957} - System32\Tasks\Opera scheduled Autoupdate 1415209820 => C:\Program Files (x86)\Opera\launcher.exe [1355800 2020-03-27] (Opera Software AS -> Opera Software)
Task: {119E7BA2-556A-489D-8CFF-C5C3CCC18174} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {18287286-AAF2-41A1-ACB5-A708BE9FC0E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {25D8A49F-82BF-4540-9D56-437E119C7A02} - System32\Tasks\GoogleUpdateTaskMachineUA1d0043cc925955d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {27851C77-6E13-4960-A275-A77F9C7661C0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {283EE469-555D-4272-9B72-DA03A500212F} - System32\Tasks\iToolsDaemon => C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [494480 2016-09-19] (Shenzhen Thinksky Technology Co.,Ltd -> )
Task: {2C3F72C5-D267-42E9-93B4-300744EED1DF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {30CE4E4A-60EC-4C5F-A85B-BB593176A20D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C05C208-DF53-4559-898B-8D2A461E5AEA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4162F9D2-40C7-4883-A7F5-B85B83E32409} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {41EB1A5B-C29A-47AC-B28A-654DD9754588} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {437B98BA-C5CA-4998-8960-08E1D7E39B63} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5DB1BE62-6153-49EA-AB91-B81B5072976E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {692BBEC2-1C5C-49CE-B356-FD4DC0DD04E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D35737-732D-442C-B17E-19FC2A2C35F6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6B9961F6-FE17-4974-BF13-98990921CE8C} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [1920976 2019-10-04] (NVIDIA Corporation -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7C9507C5-3627-4C91-9F7F-C5A9D4D8F76E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {89A047F4-9747-4D5D-B9AA-DC5426339934} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4369824 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E46183F-7104-4975-A18E-8FFD98CE1F61} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {91FD8631-C6DB-456F-BA4C-1BCCB67FC444} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9384B6BC-4BA8-485E-BED3-D72D9A0DC906} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9C4C0686-9371-4BB2-8E49-7D0D07BE0B3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7C85853-8EBF-49A9-8A72-3C312BEB6DE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd -> Piriform Ltd)
Task: {A96717C2-2668-486E-96F2-BD8E23055081} - \WPD\SqmUpload_S-1-5-21-2070481859-1754916886-4248104055-1001 -> No File <==== ATTENTION
Task: {AF394DBC-344B-4AF1-AF7F-16DD64D9B3F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B15355A9-42B5-47CB-B12F-0744BCD743D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CBA63924-CDD5-440C-B1CF-E82245FBBB4B} - System32\Tasks\Opera scheduled assistant Autoupdate 1547550793 => C:\Program Files (x86)\Opera\launcher.exe [1355800 2020-03-27] (Opera Software AS -> Opera Software)
Task: {CE29326B-B158-4844-9F94-A98BB968FBE2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF37A8FD-E0D4-4E62-B288-E7C6F2874F75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D48C535D-3ECB-4580-9C63-0B6C3448198B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9335A1C-9788-4545-9A3A-118112B149C5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DCC5C076-C7BE-421F-A869-8C6F6819F020} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-12] (Adobe Inc. -> Adobe)
Task: {E3418366-4CC6-448A-B222-3ABCBA8AC4A0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E341C7C3-7E71-4183-A13B-B941AAAED726} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {E396BF4A-BF40-49B0-8663-6E5A5677A19A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {EAECCE9C-36DB-4983-870A-683F6830FA27} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {EF211BAD-0FD6-4834-81A4-1D2EDA53F83C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {F4174FF1-9E54-4EE7-BFD1-0465BE37D8A2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F4DDAF5D-5FDD-4177-9D81-63F703449307} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {FACD702F-4ADB-4B31-A0A3-C8348106F845} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-12] (Adobe Inc. -> Adobe)
Task: {FCC6284B-2792-441E-BFA3-D56D13B90389} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4369824 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {FEB0C740-E649-449A-84A9-834DB90D47E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2070481859-1754916886-4248104055-1001] => 181.113.135.214:57101
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7fd68ebf-20d5-4ba0-a76d-b546b94d2d2c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{de679985-e305-4b64-8545-973e0e027a11}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://centrum.cz/
SearchScopes: HKU\S-1-5-21-2070481859-1754916886-4248104055-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2070481859-1754916886-4248104055-1001 -> {71C1365D-0A6C-43B5-9AE8-D975CEB0D455} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2016-08-25] (Shenzhen Thinksky Technology Co.,Ltd -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll [2016-08-25] (Shenzhen Thinksky Technology Co.,Ltd -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2070481859-1754916886-4248104055-1001: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Michael7\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default [2020-04-01]
CHR Notifications: Default -> hxxps://0.bigstream.online; hxxps://gcx.aliexpress.com; hxxps://mpsocial.com; hxxps://pushnote.top; hxxps://www.aliznacky.cz; hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.slevydnes.cz; hxxps://xkeezmovies.com
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/"
CHR Extension: (Překladač Google) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Prezentace) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-04]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-02-18]
CHR Extension: (YouTube) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Tabulky) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-09]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-18]
CHR Extension: (InstaG Downloader) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkdcmgmnegofdddphijckfagibepdlb [2018-07-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR Extension: (Batch Media Saver from Instagram™) - C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmnmnpijgncjompjiccojbccinacefh [2019-08-04]
CHR Profile: C:\Users\Michael7\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-09]
CHR HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Michael7\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-09-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2648184 2017-10-10] (ESET, spol. s r.o. -> ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-09-02] (FUTUREMARK INC -> Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [234528 2020-02-28] (TEFINCOM S.A. -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2177296 2020-04-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-03-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc. -> Qualcomm Atheros, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-17] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-09-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107344 2017-04-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2017-10-11] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-04-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-04-07] (ESET, spol. s r.o. -> ESET)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [102160 2017-09-25] (ESET, spol. s r.o. -> ESET)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2019-03-19] (Microsoft Windows -> Qualcomm Atheros, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation -> NVIDIA Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-01 19:55 - 2020-04-01 19:55 - 000000000 ____D C:\Users\Michael7\AppData\Local\mbam
2020-04-01 19:54 - 2020-04-01 19:54 - 000000000 ____D C:\Users\Michael7\AppData\Local\mbamtray
2020-04-01 17:36 - 2020-04-01 17:36 - 000017736 ____C C:\Users\Michael7\Desktop\FRST.rar
2020-04-01 15:07 - 2020-04-01 15:07 - 000000000 ____C C:\Users\Michael7\Desktop\zalozky chrome.txt
2020-04-01 13:19 - 2020-04-01 13:19 - 000000607 _____ C:\Users\Public\Desktop\Mafia.lnk
2020-04-01 13:19 - 2020-04-01 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2020-04-01 09:38 - 2020-04-01 09:38 - 000000000 ___HD C:\OneDriveTemp
2020-03-31 15:57 - 2020-03-31 15:57 - 000000113 ____C C:\Users\Michael7\Desktop\WindowsKeyInfo.txt
2020-03-31 12:34 - 2020-03-31 12:50 - 000000340 ____C C:\Users\Michael7\Desktop\my pc.txt
2020-03-31 12:32 - 2020-03-31 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2020-03-31 12:32 - 2020-03-31 12:32 - 000000000 ____D C:\Program Files\CPUID
2020-03-25 16:20 - 2020-03-25 16:20 - 001442896 _____ C:\Users\Michael7\Downloads\Edited.txt
2020-03-25 15:50 - 2020-03-25 15:50 - 003969695 _____ C:\Users\Michael7\Downloads\Tigerheart's Shadow.mobi
2020-03-25 15:44 - 2020-03-25 16:18 - 000064744 _____ C:\Users\Michael7\Downloads\1900HIT MEGA.NZ by OneNude.txt
2020-03-23 23:40 - 2020-03-24 00:09 - 119609507 _____ C:\Users\Michael7\Downloads\Jarvee_1.8.7.2.rar
2020-03-22 18:03 - 2020-03-30 19:59 - 000000000 ____D C:\Users\Michael7\AppData\Local\NordVPN
2020-03-22 18:03 - 2020-03-22 18:08 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-03-22 18:03 - 2020-03-22 18:03 - 000002039 _____ C:\Users\Public\Desktop\NordVPN.lnk
2020-03-22 18:03 - 2020-03-22 18:03 - 000000000 ____D C:\ProgramData\NordVPN
2020-03-22 18:03 - 2020-03-22 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-03-22 18:03 - 2020-03-22 18:03 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-03-14 00:45 - 2020-03-14 00:45 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-14 00:45 - 2020-03-14 00:45 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-14 00:45 - 2020-03-14 00:45 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-14 00:45 - 2020-03-14 00:45 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-14 00:45 - 2020-03-14 00:45 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-14 00:45 - 2020-03-14 00:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-14 00:45 - 2020-03-14 00:45 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-14 00:45 - 2020-03-14 00:45 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-14 00:45 - 2020-03-14 00:45 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-14 00:45 - 2020-03-14 00:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-14 00:45 - 2020-03-14 00:45 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-13 23:46 - 2020-03-13 23:46 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-03-13 23:46 - 2020-03-13 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2020-03-11 01:34 - 2020-03-11 01:34 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-11 01:34 - 2020-03-11 01:34 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2020-03-11 01:34 - 2020-03-11 01:34 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-11 01:34 - 2020-03-11 01:34 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003977216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-11 01:33 - 2020-03-11 01:33 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-11 01:33 - 2020-03-11 01:33 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-11 01:33 - 2020-03-11 01:33 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-11 01:33 - 2020-03-11 01:33 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-11 01:33 - 2020-03-11 01:33 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-11 01:33 - 2020-03-11 01:33 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-11 01:33 - 2020-03-11 01:33 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-11 01:33 - 2020-03-11 01:33 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-11 01:33 - 2020-03-11 01:33 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-11 01:33 - 2020-03-11 01:33 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-11 01:33 - 2020-03-11 01:33 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-11 01:33 - 2020-03-11 01:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-11 01:33 - 2020-03-11 01:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-11 01:27 - 2020-03-11 01:27 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-11 01:27 - 2020-03-11 01:27 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-04 10:31 - 2020-03-04 10:31 - 023152881 _____ (The qBittorrent project) C:\Users\Michael7\Downloads\qbittorrent_4.2.1_setup.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-01 22:00 - 2015-01-06 21:50 - 000000000 ____D C:\FRST
2020-04-01 21:48 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-01 21:39 - 2019-08-14 13:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-01 21:06 - 2019-08-14 13:49 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-01 21:06 - 2019-03-19 13:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-04-01 21:06 - 2019-03-19 13:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-04-01 21:06 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-01 21:04 - 2014-11-20 11:41 - 000000000 ___DC C:\Users\Michael7\AppData\Roaming\Skype
2020-04-01 21:01 - 2019-08-14 13:45 - 000003428 _____ C:\WINDOWS\system32\Tasks\iToolsDaemon
2020-04-01 21:01 - 2015-10-06 11:43 - 000000000 ___RD C:\Users\Michael7\OneDrive
2020-04-01 21:01 - 2014-12-30 11:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-01 21:00 - 2019-08-14 13:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-01 21:00 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-01 21:00 - 2017-01-03 22:36 - 000000000 ____D C:\AdwCleaner
2020-04-01 21:00 - 2015-12-23 04:42 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-01 20:55 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-01 20:55 - 2016-07-12 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-01 19:55 - 2017-12-06 23:43 - 000000000 ___DC C:\Users\Michael7\AppData\Local\cache
2020-04-01 18:16 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-01 17:24 - 2020-02-19 10:23 - 000000000 ___DC C:\Users\Michael7\Desktop\bp
2020-04-01 16:13 - 2019-08-14 13:45 - 000004202 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F269AAD2-C3AC-464D-A62E-EC4C8031B8C0}
2020-04-01 15:02 - 2015-01-28 15:54 - 000000000 ____D C:\Program Files (x86)\JpegResampler2010
2020-04-01 14:58 - 2014-10-30 03:18 - 000000000 ____D C:\ProgramData\Origin
2020-04-01 14:58 - 2014-10-30 03:18 - 000000000 ____D C:\Program Files (x86)\Origin
2020-04-01 13:21 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-01 13:20 - 2019-03-19 07:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2020-04-01 13:20 - 2019-03-19 07:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2020-04-01 13:20 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2020-04-01 13:20 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2020-04-01 13:20 - 2019-03-19 06:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2020-04-01 13:20 - 2019-03-19 06:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2020-04-01 13:20 - 2019-03-19 06:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2020-04-01 13:20 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2020-04-01 13:20 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2020-04-01 13:20 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2020-04-01 13:20 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2020-03-31 20:44 - 2019-07-17 11:24 - 000000000 ___DC C:\Users\Michael7\AppData\Local\D3DSCache
2020-03-31 16:12 - 2017-05-02 09:58 - 000000000 ___DC C:\Users\Michael7\AppData\Local\ConnectedDevicesPlatform
2020-03-31 15:46 - 2014-11-05 19:50 - 000000000 ____D C:\Program Files (x86)\Opera
2020-03-30 22:38 - 2019-08-14 13:45 - 000003954 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1415209820
2020-03-30 22:38 - 2017-07-01 15:37 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-03-28 10:25 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-28 01:46 - 2019-08-14 13:45 - 000004178 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1547550793
2020-03-26 21:47 - 2014-10-30 03:23 - 000000000 ___DC C:\Users\Michael7\Desktop\faktury
2020-03-25 12:44 - 2018-02-11 16:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-22 21:17 - 2014-12-30 11:51 - 000000000 ___DC C:\Users\Michael7\AppData\Roaming\TeamViewer
2020-03-22 12:04 - 2019-11-15 10:54 - 000000000 ___DC C:\Users\Michael7\Desktop\pg
2020-03-20 21:46 - 2019-08-14 13:45 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c
2020-03-20 21:46 - 2019-08-14 13:45 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 01:43 - 2014-10-29 23:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 12:31 - 2019-08-14 13:45 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2070481859-1754916886-4248104055-1001
2020-03-19 12:31 - 2019-08-14 13:40 - 000002411 ____C C:\Users\Michael7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-18 18:29 - 2019-08-14 13:45 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 18:29 - 2015-11-19 12:36 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-15 11:37 - 2019-06-05 16:59 - 000000000 ___DC C:\Users\Michael7\AppData\Local\PlaceholderTileLogoFolder
2020-03-15 11:37 - 2018-01-19 20:34 - 000000000 ___DC C:\Users\Michael7\AppData\Local\Packages
2020-03-14 02:51 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-14 02:51 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-13 23:45 - 2015-04-23 18:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-12 01:50 - 2015-04-23 18:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-03-12 01:35 - 2019-08-14 13:45 - 000004542 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-03-12 01:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-12 01:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-03-11 11:03 - 2017-09-21 17:14 - 000000000 ___RD C:\Users\Michael7\3D Objects
2020-03-11 11:03 - 2016-11-21 06:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-11 11:02 - 2019-08-14 13:36 - 000476744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-11 01:50 - 2019-03-19 13:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-11 01:50 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-11 01:50 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-11 01:38 - 2014-10-29 21:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 01:36 - 2014-10-29 21:49 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-05 00:55 - 2017-10-18 15:38 - 000000000 ___DC C:\Users\Michael7\AppData\Roaming\qBittorrent

==================== Files in the root of some directories ========

2014-11-05 19:18 - 2017-10-18 15:34 - 000000000 ____C () C:\Users\Michael7\AppData\Roaming\bitlord_log.txt
2016-03-22 21:43 - 2016-06-14 18:33 - 000000112 ____C () C:\Users\Michael7\AppData\Roaming\Předvolby CS6 pro JP2K
2014-10-29 21:14 - 2014-10-29 21:14 - 000000000 ____C () C:\Users\Michael7\AppData\Local\Driver_LOM_8161Present.flag
2016-08-24 21:23 - 2016-08-24 21:23 - 000000036 ____C () C:\Users\Michael7\AppData\Local\housecall.guid.cache
2017-10-18 15:36 - 2017-10-18 15:36 - 000000218 ____C () C:\Users\Michael7\AppData\Local\recently-used.xbel
2014-11-13 15:03 - 2014-11-13 15:03 - 000007661 ____C () C:\Users\Michael7\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Michael7 (01-04-2020 22:00:54)
Running from E:\Users\Michael7\Downloads
Windows 10 Pro Version 1903 18362.720 (X64) (2019-08-14 11:46:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2070481859-1754916886-4248104055-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2070481859-1754916886-4248104055-503 - Limited - Disabled)
Guest (S-1-5-21-2070481859-1754916886-4248104055-501 - Limited - Disabled)
Michael7 (S-1-5-21-2070481859-1754916886-4248104055-1001 - Administrator - Enabled) => C:\Users\Michael7
WDAGUtilityAccount (S-1-5-21-2070481859-1754916886-4248104055-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM\...\{FD67BFA0-E205-47AA-BA09-123B3B72DB5E}) (Version: 1.0.132.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
4K Stogram 2.7 (HKLM\...\{82061A13-3AB5-4A0A-9B28-A05FD94CA6D8}) (Version: 2.7.1.1695 - Open Media LLC)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Aktualizace NVIDIA 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.5.6.1647 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
ESET Smart Security (HKLM\...\{22A0C170-8BF5-40E2-9402-48C0FC686F95}) (Version: 10.1.235.1 - ESET, spol. s r.o.)
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
FollowLiker (HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\950010d43e16bfae) (Version: 1.0.0.4 - FollowLiker)
Futuremark SystemInfo (HKLM-x32\...\{E114E635-F06E-43B4-A800-74A22536B1B0}) (Version: 4.30.472.0 - Futuremark)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.19.0.107 - NVIDIA Corporation) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grids 4.7.1 (HKLM\...\Grids) (Version: - )
IGdm 2.1.0 (only current user) (HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\1ead4f81-c61a-5fa6-9e81-7a8c0c868952) (Version: 2.1.0 - ifedapo olarewaju)
iTools 3 version 3.3.7.7 (HKLM-x32\...\{9AD3B3CA-16DF-4113-9178-89263F2E3820}_is1) (Version: 3.3.7.7 - Thinksky, Inc.)
iTunes (HKLM\...\{281A8A05-80EB-4B93-B825-C9FBEE17CE85}) (Version: 12.9.6.3 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NordVPN (HKLM-x32\...\{83E5941F-5F93-4097-81F5-79FA38FFB875}) (Version: 6.27.11 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.27.11) (Version: 6.27.11 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 67.0.3575.115 (HKLM-x32\...\Opera 67.0.3575.115) (Version: 67.0.3575.115 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{141BA46D-2D1F-4DA6-9448-B847334585C0}) (Version: 4.0.4 - dotPDN LLC)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{ABFED5A0-7D10-4617-A816-DD2D3B85706D}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{E970CE81-6F26-4274-8E4E-5AFC000FB888}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{401FADAA-1C16-4721-9F02-19067E1A1CA8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STK03N (HKLM-x32\...\{E83CD823-C522-4B71-B10A-E1088B3BD261}) (Version: 1.00.0 - Syntek)
System Requirements Lab CYRI (HKLM-x32\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.3.8497 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484097) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5735F518-9EDC-4464-87BC-6316D456391E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484097) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{5735F518-9EDC-4464-87BC-6316D456391E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484097) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5735F518-9EDC-4464-87BC-6316D456391E}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

Packages:
=========
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-03-05] (Instagram)
InstaPic -> C:\Program Files\WindowsApps\26968APPLYF.InstaPic_6.0.1.0_x64__4502q87ac11em [2017-09-26] (APP LYF) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-05] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-03-15] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-10-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\PROGRA~2\JPEGRE~1\JRcm.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-10-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-10-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\PROGRA~2\JPEGRE~1\JRcm.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-01 21:01 - 2020-04-01 21:01 - 000088064 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_ctypes.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000128512 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_elementtree.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000914432 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_hashlib.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000027648 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_multiprocessing.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000036864 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_psutil_windows.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000046080 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_socket.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 001303552 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_ssl.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000020480 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\_yappi.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000012800 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\common.time34.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000007168 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\hashobjs_ext.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000127488 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\pyexpat.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000682496 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\pysqlite2._sqlite.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000364544 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\pythoncom27.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 000110080 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\pywintypes27.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 000010240 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\select.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000017920 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\thumbnails_ext.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000686080 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\unicodedata.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000088064 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\usb_ext.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000098816 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32api.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000320512 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32com.shell.shell.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000011264 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32crypt.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000018432 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32event.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000119808 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32file.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000167936 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32gui.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000038912 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32inet.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000025600 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32pdh.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000024064 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32pipe.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000035840 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32process.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000017408 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32profile.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000108544 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32security.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000022528 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\win32ts.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000078848 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._animate.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 001067008 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._controls_.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 001176576 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._core_.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000806400 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._gdi_.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000077312 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._html2.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000733184 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._misc_.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000816128 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._windows_.pyd
2020-04-01 21:01 - 2020-04-01 21:01 - 000123392 ____R () [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wx._wizard.pyd
2014-10-29 21:22 - 2015-03-28 05:44 - 001847784 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2014-10-29 21:22 - 2015-03-28 05:43 - 001570672 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 002459648 ____R (Python Software Foundation) [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\python27.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 000155136 ____R (wxWidgets development team) [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wxbase30u_net_vc90.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 002030592 ____R (wxWidgets development team) [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wxbase30u_vc90.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 001251328 ____R (wxWidgets development team) [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wxmsw30u_adv_vc90.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 004796928 ____R (wxWidgets development team) [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wxmsw30u_core_vc90.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 000601088 ____R (wxWidgets development team) [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wxmsw30u_html_vc90.dll
2020-04-01 21:01 - 2020-04-01 21:01 - 000110080 ____R (wxWidgets development team) [File not signed] C:\Users\Michael7\AppData\Local\Temp\_MEI95122\wxmsw30u_webview_vc90.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:413A0025 [134]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-01-04 22:32 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael7\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8F383EC8-F8BC-4895-85FF-5E7B26A14A21}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{064440D6-1D82-42F7-ACBC-72C533FD384B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4E80AE7-5347-4B58-8A8D-C35C66DCC6BB}] => (Allow) E:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{BA775644-DC14-4684-BD4C-C646D8AA3182}] => (Allow) E:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{3EE478F5-E442-424F-B4C7-2571832646CB}] => (Allow) LPort=80
FirewallRules: [{955D900C-3BCB-40ED-A58D-0931823E6183}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D3F2299E-EC9F-43BD-AD2E-FD2F48CED76C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{90C8EE85-1814-434C-A970-4C8945562FFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CCD83619-86DD-44C6-BF98-75D9200E738B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{20B4EEBC-483C-4B9D-AA5D-47B0A333FF58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BCA50A0C-A431-4827-9398-CD0C91B8A891}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CBE03A81-50FF-4568-A2F8-8E229FA4E425}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{64E7D2DC-FF42-4A83-940D-56074F002792}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{62D92DF7-3CDC-47D1-9DB7-6A4A5AF9B49A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B279587-BB7E-421C-AAC3-89E9A9791434}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A4ED081-FE4D-491E-8710-AECA51F54282}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E6142D0-2660-40E3-A83A-2E8A4F879877}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CBAD10F4-0025-465F-B87D-F1A0F1C0050F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FE0C785-9393-44CF-9D11-425BBE67A491}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4339E40D-8412-4F4E-8515-ED0EDE32588D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E164F1D8-F59C-4D7D-8253-91EE48242E20}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5FE25898-8DF1-485D-9E21-F9364C570812}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F6B790A7-3EC8-42CE-A521-C6C1E8D22B91}E:\beamng drive\beamng.drive.v0.11.0.4\bin64\beamng.drive.x64.exe] => (Allow) E:\beamng drive\beamng.drive.v0.11.0.4\bin64\beamng.drive.x64.exe () [File not signed]
FirewallRules: [UDP Query User{36FEFA19-26A7-491C-BC4B-E7BCAB945E07}E:\beamng drive\beamng.drive.v0.11.0.4\bin64\beamng.drive.x64.exe] => (Allow) E:\beamng drive\beamng.drive.v0.11.0.4\bin64\beamng.drive.x64.exe () [File not signed]
FirewallRules: [{85D9DFE2-40ED-408E-93C0-BF04D192ACF0}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe (Apowersoft Ltd.) [File not signed]
FirewallRules: [{4955AA28-EE89-42F8-A620-21D31755D8F1}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe (Apowersoft Ltd.) [File not signed]
FirewallRules: [{CB9ACBA1-DDA4-474B-8C83-3757B3AC6020}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{F27CA1DB-3E16-40D6-BD5E-13690AE5201B}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E0854CA2-AE37-4947-956D-6974AE664356}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A36C8D4-5FB6-4796-BAB3-1AF31CC44CED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7E57063-07F3-44D1-9D1B-88C69FBB365F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62A59B2E-1A8E-437D-9040-B3A05E7CE85E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7650CF79-24A9-4587-BB9B-885EC62878C8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C24D8A9-358C-440B-ADA3-3F01FB12F8B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D51DE00C-0904-449A-A4B7-E9A3845CB922}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CA764D3B-FAEA-454D-B7E3-EA743ECA5B96}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9963D3A0-9590-4419-A1A6-B47656B75E86}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FA40C4D8-D923-49A0-B8CF-19CA27EC6421}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{516475CA-51B5-4426-8AE1-7D6A959FE1B8}] => (Allow) C:\Program Files (x86)\Opera\67.0.3575.97\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2425DA13-1144-4EB6-A381-39244E8C314B}] => (Allow) C:\Program Files (x86)\Opera\67.0.3575.115\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.93 GB) (Free:12.01 GB) (11%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/01/2020 09:36:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8340,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/01/2020 09:16:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3300,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/01/2020 09:10:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5244,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/01/2020 09:01:01 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (04/01/2020 09:01:01 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (04/01/2020 08:56:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (04/01/2020 08:54:53 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (04/01/2020 08:15:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13828,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (04/01/2020 09:04:29 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2020 09:00:26 PM) (Source: DCOM) (EventID: 10010) (User: Michael)
Description: Server Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2020 09:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/01/2020 09:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba iPod Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/01/2020 09:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Qualcomm Atheros Killer Service V2 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/01/2020 09:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Wizard Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/01/2020 09:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/01/2020 09:00:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-03-26 20:47:14.092
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BA663AAB-5D7F-4173-8C76-C0062798C068}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-26 20:11:12.119
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Generic!rfn
ID: 2147744279
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_E:\Users\Michael7\Downloads\Private.zip; file:_E:\Users\Michael7\Downloads\Private.zip->PasswordDecoder.exe; webfile:_E:\Users\Michael7\Downloads\Private.zip|about:internet|pid:624,ProcessStart:132297210083077830
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: Michael\Michael7
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.313.128.0, AS: 1.313.128.0, NIS: 1.313.128.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-05 09:09:32.755
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.519.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-04-01 21:11:12.665
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-04-01 21:11:12.659
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-04-01 21:03:02.900
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-04-01 20:54:54.224
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-01 20:54:54.219
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-01 20:54:54.208
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-01 20:54:54.202
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-01 20:54:54.194
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.50 07/15/2014
Motherboard: ASRock Z87 Killer
Processor: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentage of memory in use: 49%
Total physical RAM: 8122.58 MB
Available physical RAM: 4111.77 MB
Total Virtual: 11322.58 MB
Available Virtual: 6649.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.93 GB) (Free:12.01 GB) NTFS
Drive e: (DATA) (Fixed) (Total:1863.01 GB) (Free:1496.86 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:14.53 GB) (Free:14.53 GB) FAT32

\\?\Volume{9279b3c0-5f9c-11e4-be65-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{c7110378-0000-0000-0000-c0d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 03227130)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C7110378)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: 1803D260)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\PROGRA~2\JPEGRE~1\JRcm.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\PROGRA~2\JPEGRE~1\JRcm.dll -> No File
C:\Users\Michael7\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:413A0025 [134]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
E:\Users\Michael7\Downloads\Private.zip
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
ShortcutTarget: Jarvee.lnk -> C:\Users\Michael7\AppData\Roaming\Jarvee\Jarvee.exe (No File)
ShortcutTarget: MassPlanner2.lnk -> C:\Users\Michael7\AppData\Roaming\MP\MassPlannerNew.exe (No File)
Task: {02E56B97-E54F-4328-AE33-57842EF34373} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {18287286-AAF2-41A1-ACB5-A708BE9FC0E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {25D8A49F-82BF-4540-9D56-437E119C7A02} - System32\Tasks\GoogleUpdateTaskMachineUA1d0043cc925955d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {27851C77-6E13-4960-A275-A77F9C7661C0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3C05C208-DF53-4559-898B-8D2A461E5AEA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5DB1BE62-6153-49EA-AB91-B81B5072976E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {692BBEC2-1C5C-49CE-B356-FD4DC0DD04E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D35737-732D-442C-B17E-19FC2A2C35F6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7C9507C5-3627-4C91-9F7F-C5A9D4D8F76E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A96717C2-2668-486E-96F2-BD8E23055081} - \WPD\SqmUpload_S-1-5-21-2070481859-1754916886-4248104055-1001 -> No File <==== ATTENTION
Task: {AF394DBC-344B-4AF1-AF7F-16DD64D9B3F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CF37A8FD-E0D4-4E62-B288-E7C6F2874F75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E3418366-4CC6-448A-B222-3ABCBA8AC4A0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F4174FF1-9E54-4EE7-BFD1-0465BE37D8A2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FEB0C740-E649-449A-84A9-834DB90D47E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
FF Plugin HKU\S-1-5-21-2070481859-1754916886-4248104055-1001: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Michael7\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte do E:\Users\Michael7\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Michael7 (02-04-2020 10:47:47) Run:1
Running from E:\Users\Michael7\Downloads
Loaded Profiles: Michael7 (Available Profiles: Michael7)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\PROGRA~2\JPEGRE~1\JRcm.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\PROGRA~2\JPEGRE~1\JRcm.dll -> No File
C:\Users\Michael7\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:413A0025 [134]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
E:\Users\Michael7\Downloads\Private.zip
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
ShortcutTarget: Jarvee.lnk -> C:\Users\Michael7\AppData\Roaming\Jarvee\Jarvee.exe (No File)
ShortcutTarget: MassPlanner2.lnk -> C:\Users\Michael7\AppData\Roaming\MP\MassPlannerNew.exe (No File)
Task: {02E56B97-E54F-4328-AE33-57842EF34373} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {18287286-AAF2-41A1-ACB5-A708BE9FC0E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {25D8A49F-82BF-4540-9D56-437E119C7A02} - System32\Tasks\GoogleUpdateTaskMachineUA1d0043cc925955d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {27851C77-6E13-4960-A275-A77F9C7661C0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3C05C208-DF53-4559-898B-8D2A461E5AEA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5DB1BE62-6153-49EA-AB91-B81B5072976E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {692BBEC2-1C5C-49CE-B356-FD4DC0DD04E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D35737-732D-442C-B17E-19FC2A2C35F6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7C9507C5-3627-4C91-9F7F-C5A9D4D8F76E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A96717C2-2668-486E-96F2-BD8E23055081} - \WPD\SqmUpload_S-1-5-21-2070481859-1754916886-4248104055-1001 -> No File <==== ATTENTION
Task: {AF394DBC-344B-4AF1-AF7F-16DD64D9B3F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CF37A8FD-E0D4-4E62-B288-E7C6F2874F75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E3418366-4CC6-448A-B222-3ABCBA8AC4A0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F4174FF1-9E54-4EE7-BFD1-0465BE37D8A2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FEB0C740-E649-449A-84A9-834DB90D47E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
FF Plugin HKU\S-1-5-21-2070481859-1754916886-4248104055-1001: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Michael7\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\JRcm => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\JRcm => removed successfully
C:\Users\Michael7\AppData\Local\Temp => moved successfully
C:\ProgramData\TEMP => ":413A0025" ADS removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"E:\Users\Michael7\Downloads\Private.zip" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\chrome.exe => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\explorer.zza => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe => removed successfully
"C:\Users\Michael7\AppData\Roaming\Jarvee\Jarvee.exe" => not found
"C:\Users\Michael7\AppData\Roaming\MP\MassPlannerNew.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02E56B97-E54F-4328-AE33-57842EF34373}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02E56B97-E54F-4328-AE33-57842EF34373}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18287286-AAF2-41A1-ACB5-A708BE9FC0E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18287286-AAF2-41A1-ACB5-A708BE9FC0E6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d091af68ba3b5c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25D8A49F-82BF-4540-9D56-437E119C7A02}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25D8A49F-82BF-4540-9D56-437E119C7A02}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0043cc925955d => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0043cc925955d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27851C77-6E13-4960-A275-A77F9C7661C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27851C77-6E13-4960-A275-A77F9C7661C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C05C208-DF53-4559-898B-8D2A461E5AEA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C05C208-DF53-4559-898B-8D2A461E5AEA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DB1BE62-6153-49EA-AB91-B81B5072976E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DB1BE62-6153-49EA-AB91-B81B5072976E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{692BBEC2-1C5C-49CE-B356-FD4DC0DD04E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{692BBEC2-1C5C-49CE-B356-FD4DC0DD04E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69D35737-732D-442C-B17E-19FC2A2C35F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69D35737-732D-442C-B17E-19FC2A2C35F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C9507C5-3627-4C91-9F7F-C5A9D4D8F76E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C9507C5-3627-4C91-9F7F-C5A9D4D8F76E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A96717C2-2668-486E-96F2-BD8E23055081}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A96717C2-2668-486E-96F2-BD8E23055081}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2070481859-1754916886-4248104055-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF394DBC-344B-4AF1-AF7F-16DD64D9B3F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF394DBC-344B-4AF1-AF7F-16DD64D9B3F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CF37A8FD-E0D4-4E62-B288-E7C6F2874F75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF37A8FD-E0D4-4E62-B288-E7C6F2874F75}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3418366-4CC6-448A-B222-3ABCBA8AC4A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3418366-4CC6-448A-B222-3ABCBA8AC4A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4174FF1-9E54-4EE7-BFD1-0465BE37D8A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4174FF1-9E54-4EE7-BFD1-0465BE37D8A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEB0C740-E649-449A-84A9-834DB90D47E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEB0C740-E649-449A-84A9-834DB90D47E0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKU\S-1-5-21-2070481859-1754916886-4248104055-1001\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.11 => removed successfully
"C:\Users\Michael7\AppData\Roaming\ACEStream\player\npace_plugin.dll" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d091af68ba3b5c" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 739490113 B
Java, Flash, Steam htmlcache => 1270 B
Windows/system/drivers => 13117852 B
Edge => 1324373 B
Chrome => 27962853 B
Firefox => 0 B
Opera => 66048158 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 19722 B
NetworkService => 462026 B
Michael7 => 4666747 B

RecycleBin => 0 B
EmptyTemp: => 823.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:48:14 ====

Smazáno. Nastala nějaká změna?