VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prostě preventivka :-)

https://forum.viry.cz:443/viewtopic.php?t=157328

Stránka 1 z 1

Prostě preventivka :-)

Napsal: 03 srp 2020 20:23
od gomik
Zdravím,
Chtěl bych poprosit o preventivní kontrolu logu. Už nějakou dobu mi nefunguje "automatické přehrávání" při vložení USB i když toto mám zapnuto, jinak můj PC celkem nic netrápí.
(jasně, tuhletu funkci by si měl člověk vypnout jako první věc po instalaci win a už jsem si i zvykl, že to nefunguje, nicméně otázka zní proč...) :-)

FRST je tedy níže a adition v příloze, bo to nevešlo.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-08-2020
Ran by thyma (administrator) on THYMALLUS-HP2 (HP HP Pavilion Notebook) (03-08-2020 21:13:11)
Running from C:\Users\thyma\Desktop
Loaded Profiles: thyma
Platform: Windows 10 Home Version 1909 18363.959 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
(AB Team) [File not signed] C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Igor Gottwald - OKsoftware) [File not signed] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\thyma\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12007.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Nullsoft Inc. -> Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-09-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-06-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft Inc. -> Nullsoft, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-03-05] () [File not signed]
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP Inc. -> HP)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\Run: [Svátky a výročí] => C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [881664 2003-03-28] (Igor Gottwald - OKsoftware) [File not signed]
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2019-02-11] (TomTom International BV -> TomTom)
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-07-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-06-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {2e3ff17d-bf4b-11ea-957b-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {6156ddba-cdf0-11ea-9581-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {6b37557a-c2ea-11ea-957e-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {9080f9dc-c691-11ea-9580-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {a38a58cd-c12a-11ea-957c-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {aa03c2e6-b6cd-11ea-957a-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {baff0293-b466-11ea-9575-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {baff0e63-b466-11ea-9575-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {e1bd672c-b6ca-11ea-9579-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {e979ce09-b460-11ea-9574-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [567808 2020-06-10] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON L210 Series 64MonitorBE: C:\windows\system32\E_YLMI2E.DLL [120320 2015-01-14] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\pdfcmon: C:\windows\system32\pdfcmon.dll [110264 2014-04-25] (pdfforge GmbH -> pdfforge GmbH)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C7DD77-991C-4A12-8650-7ECD0C094AB4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11AC67F5-2381-4941-8D3B-C0401367165E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {14529894-9F90-44E3-97AE-3CED8ED7D4DE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {184C5C3F-E942-4259-95D6-B9789307CAA9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {25BECBA9-DAAF-4F18-B462-3286824F91D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {2F162293-CEA7-4BC2-8D7F-B99B49B24EF7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3810408 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
Task: {44B94227-080D-4DD5-A947-B45E26276B4C} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {47F327BF-DFDD-4D80-9AC7-057155BF2382} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4B338589-4CAD-4C78-AB7A-B257A7A0EB5E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4CB9EA39-D28C-45A5-A5D3-56E5504D75B6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-15] (Adobe Inc. -> Adobe)
Task: {4EDBC80B-AF7B-45CA-AA09-05CA9D5CDCAB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123752 2020-07-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {51986363-1A3B-40B2-9144-8BD9E7681474} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {544BE2F7-7394-4287-9D37-999F41CA5D97} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-thymallus@centrum.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {55C3DEA6-5A40-4FD7-BAF0-6D619FC34070} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )
Task: {58A7C418-778E-48CE-9247-DFA4C7C8928C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-23] (Google Inc -> Google Inc.)
Task: {61B8DFD0-6E5F-4B47-8183-8AD947FD14FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {62B45C08-6667-4E6D-8F92-75A079595488} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67EBEC21-C51B-4015-AD70-7ABB59FDC71E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {6932E311-94CB-49C8-9AE7-48DF24955BE8} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6FCD9DB9-CCB7-4CBE-AA66-A5F5AAE36AEC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {7C3ECDAC-B624-4EC4-8362-09BFDC5497E4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8328DF7B-2222-43E3-B28F-204EE74CCED5} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {9EDB7EDF-3083-485F-A66E-9E35AE7E0998} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {9EE07A7F-D442-428A-BF94-679FD15E2805} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A467A2BF-0BCE-4B98-89B1-5747723A5975} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {AA91750B-FAA7-4F9E-B66F-EC87D84CDF4C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {AAABE4CC-BBC3-4F93-97A0-0FB59A0F719A} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1657880 2016-10-04] (HP Inc. -> HP Inc.)
Task: {ACFE913A-6795-40AF-96D0-DAF4783EA2E3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123752 2020-07-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B06B935C-5C86-4D5B-B9BE-E7CEC162B3D8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {B7706326-3C4A-4D98-A22B-78FBAED560F7} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-12-12] (Garmin International, Inc. -> )
Task: {BBDA1BDD-FC1D-48AB-B5A1-E41C7350F133} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD7C22AB-4226-4602-A4EA-9603D66F617E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-23] (Google Inc -> Google Inc.)
Task: {C8B4931B-3A18-472B-84F3-797923EA1351} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {C9A3ED70-C86D-4F74-965F-77AD226F642F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC899991-BA3D-4AB2-85AF-85F9861065F9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D242C073-BDE5-4C03-A081-6D3F0E6152DD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
Task: {D85F8797-9DA6-42ED-8F0E-BE325B18D9E9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0413AD3-FF8D-4026-9AA0-35457F4BE6D4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [123600 2020-07-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {F30E3CFC-CF58-4EDB-86FA-02321E671E82} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {F6F06AD5-A4F2-4FED-ABFA-21A0A7BFF656} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FF1BAE41-A282-4C08-B399-714C9CF04067} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{566ebe3f-c46e-4c6b-847c-54e80ebbeed4}: [DhcpNameServer] 88.81.92.1 88.81.64.1
Tcpip\..\Interfaces\{d681a49e-7d6e-444b-95e4-60c477ebfd5e}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKLM -> {4299BE94-04EF-4492-9F88-25107EE7CE36} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {4299BE94-04EF-4492-9F88-25107EE7CE36} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3435942051-1505872532-37019557-1001 -> {4299BE94-04EF-4492-9F88-25107EE7CE36} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\BHO\ie_to_edge_bho_64.dll [2020-08-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\BHO\ie_to_edge_bho.dll [2020-08-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\thyma\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3435942051-1505872532-37019557-1001 -> hxxp://www.seznam.cz/
Edge Notifications: HKU\S-1-5-21-3435942051-1505872532-37019557-1001 -> hxxps://www.kasafik.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\thyma\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-31]
Edge DownloadDir: C:\Users\thyma\Downloads
Edge Notifications: Default -> hxxps://www.kasafik.cz
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"

FireFox:
========
FF DefaultProfile: cwwa697j.default-1559214968621
FF ProfilePath: C:\Users\thyma\AppData\Roaming\TomTom\HOME\Profiles\og1e167d.default [2019-05-29]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-04-03] [Legacy] [not signed]
FF ProfilePath: C:\Users\thyma\AppData\Roaming\Mozilla\Firefox\Profiles\cwwa697j.default-1559214968621 [2020-08-03]
FF Homepage: Mozilla\Firefox\Profiles\cwwa697j.default-1559214968621 -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\cwwa697j.default-1559214968621 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\cwwa697j.default-1559214968621 -> hxxps://www.kasafik.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3435942051-1505872532-37019557-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\thyma\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-18] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7776160 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [353696 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574712 2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4701376 2020-06-22] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2017-08-18] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2019-12-19] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2039336 2020-06-25] (Wacom Co., Ltd. -> Wacom Co. Ltd.)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2548224 2019-09-05] (Sony) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205888 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235592 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195656 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60488 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42776 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175200 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [515544 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466752 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [323792 2020-07-30] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [23552 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 silabser; C:\WINDOWS\system32\DRIVERS\silabser.sys [79360 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [207344 2020-06-22] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [125768 2020-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [26440 2020-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 iaStorA; System32\drivers\iaStorA.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-03 21:13 - 2020-08-03 21:13 - 000038541 _____ C:\Users\thyma\Desktop\FRST.txt
2020-08-03 21:11 - 2020-08-03 21:11 - 002295808 _____ (Farbar) C:\Users\thyma\Desktop\FRST64.exe
2020-08-03 13:13 - 2020-08-03 13:13 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S08
2020-08-03 13:12 - 2020-08-03 13:12 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S07
2020-08-03 13:12 - 2020-08-03 13:12 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S06
2020-08-03 13:12 - 2020-08-03 13:12 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S05
2020-08-03 13:12 - 2020-08-03 13:12 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S04
2020-08-03 13:12 - 2020-08-03 13:12 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S03
2020-08-03 13:12 - 2020-08-03 13:12 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S02
2020-08-03 13:12 - 2020-08-03 13:12 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S01
2020-08-03 13:11 - 2020-08-03 20:08 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S13
2020-08-03 13:11 - 2020-08-03 19:50 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S11
2020-08-03 13:11 - 2020-08-03 13:11 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S12
2020-08-03 11:33 - 2020-08-03 13:11 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S10
2020-08-03 08:35 - 2020-08-03 08:35 - 000000000 ____D C:\Users\thyma\Desktop\Červený trpaslík S09
2020-08-03 08:33 - 2020-08-03 08:37 - 000629935 _____ C:\Users\thyma\Desktop\Sammelbesteller_Antrag_Sk_2020-01_mR.pdf
2020-07-30 14:40 - 2020-07-30 14:40 - 000335968 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-07-30 14:40 - 2020-07-30 14:40 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-07-30 14:40 - 2020-07-30 14:40 - 000175200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-07-30 10:06 - 2020-07-30 10:06 - 000000000 ____D C:\Users\thyma\AppData\Roaming\WPersistent
2020-07-30 10:05 - 2020-07-30 10:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2020-07-28 20:51 - 2020-07-28 20:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-26 14:54 - 2019-11-18 09:43 - 370227585 _____ C:\Users\thyma\Desktop\Beauty retus oči.mp4
2020-07-24 20:00 - 2020-07-24 20:00 - 000001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-07-24 19:45 - 2020-07-24 19:45 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2020-07-15 21:24 - 2020-07-15 21:24 - 009585208 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-07-15 13:48 - 2020-07-15 13:48 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 007823912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 006292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 005099384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 004129424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftWebDriver.exe
2020-07-15 13:48 - 2020-07-15 13:48 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000394040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftWebDriver.exe
2020-07-15 13:48 - 2020-07-15 13:48 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000345560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWSDAHost.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-07-15 13:48 - 2020-07-15 13:48 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-07-15 13:47 - 2020-07-15 13:48 - 018031104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 025902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 022641664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 008015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 007917408 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 007850288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 007269376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 007268640 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 006523856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 006437376 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 006169088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 006089512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 005765648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 004625192 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 004565264 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 004014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 003974368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 003800576 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 003748352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 003743048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 002768984 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002505496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002357248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002285056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002237096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002074112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001991592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001952880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001946144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001827328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001737728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001723392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001665728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001658368 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001655472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001654304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001604608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001550336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001540608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001477632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001463808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001420328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001397568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 001392128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001385696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001306944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001290192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001151304 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001100800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001086776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001081344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 001068544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001048992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001028336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000958608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000945176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000919880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000895600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000889416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000882184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000844096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000822200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000821232 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000797448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000793320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000783488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000779080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000778872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000742712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000717824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000695208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000685384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000684864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000673448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000656696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000628416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000594992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000582056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 000549048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000538664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000524784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000518464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000478296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000467960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000442096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000411640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000405944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000392504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000381152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000380224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnclient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000340328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000311608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000311440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnclient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000268552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-07-15 13:47 - 2020-07-15 13:47 - 000260288 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000247864 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000239928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-07-15 13:47 - 2020-07-15 13:47 - 000220992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-07-15 13:47 - 2020-07-15 13:47 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleBand.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000199496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000193600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-07-15 13:47 - 2020-07-15 13:47 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-07-15 13:47 - 2020-07-15 13:47 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowService.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000176952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000165840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000150336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000146232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyServer.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000110040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000086272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemUWPLauncher.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000076952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiverExt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000070248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyClient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemUWPLauncher.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Print.Workflow.Source.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiverExt.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ResourcePolicyClient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000040248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIMgrBroker.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-07-15 13:47 - 2020-07-15 13:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowProxy.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemEventsBrokerClient.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowProxy.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIManagerBrokerps.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-07-15 13:47 - 2020-07-15 13:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-07-15 13:42 - 2020-06-30 06:32 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-15 13:42 - 2020-06-30 06:26 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-10 20:36 - 2020-07-07 18:31 - 001780952 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-07-10 20:36 - 2020-07-07 18:31 - 001780952 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-07-10 20:36 - 2020-07-07 18:31 - 001371352 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-07-10 20:36 - 2020-07-07 18:31 - 001371352 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-07-10 20:36 - 2020-07-07 18:31 - 001086680 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-07-10 20:36 - 2020-07-07 18:31 - 001086680 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-07-10 20:36 - 2020-07-07 18:31 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-07-10 20:36 - 2020-07-07 18:31 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-07-10 20:36 - 2020-07-07 18:30 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-07-10 20:36 - 2020-07-07 18:30 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 001569680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 001486744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 001146264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 000812432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 000674032 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 000655592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 000555928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-07-10 20:36 - 2020-07-07 18:29 - 000541936 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-07-10 20:36 - 2020-07-07 18:28 - 006652816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-07-10 20:36 - 2020-07-07 18:28 - 005883280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-07-10 20:36 - 2020-07-07 18:28 - 003901672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-07-10 20:36 - 2020-07-07 18:28 - 002367720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-07-10 20:36 - 2020-07-07 18:28 - 001722088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445167.dll
2020-07-10 20:36 - 2020-07-07 18:28 - 001482976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445167.dll
2020-07-10 20:36 - 2020-07-07 18:26 - 004716168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-07-10 20:08 - 2020-03-04 14:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2020-07-06 17:48 - 2020-07-07 20:41 - 000000000 ____D C:\Users\thyma\Desktop\01 vodojem

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-03 21:13 - 2018-11-24 15:47 - 000000000 ____D C:\FRST
2020-08-03 21:09 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-03 20:52 - 2017-08-18 11:25 - 000000000 ____D C:\Users\thyma\AppData\Local\CrashDumps
2020-08-03 19:07 - 2019-08-02 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-03 18:24 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-03 15:09 - 2020-06-10 10:41 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-03 15:09 - 2020-06-10 10:41 - 000003286 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-03 15:09 - 2020-01-19 21:14 - 000003488 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-08-03 15:09 - 2019-12-31 20:39 - 000002702 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2020-08-03 15:09 - 2019-10-04 08:30 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-08-03 15:09 - 2019-08-02 22:29 - 000003814 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-08-03 15:09 - 2019-08-02 22:29 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-08-03 15:09 - 2019-08-02 22:29 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-08-03 15:09 - 2019-08-02 22:29 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-08-03 15:09 - 2019-08-02 22:29 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000003030 _____ C:\WINDOWS\system32\Tasks\klcp_update
2020-08-03 15:09 - 2019-08-02 22:29 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-08-03 15:09 - 2019-08-02 22:29 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002856 _____ C:\WINDOWS\system32\Tasks\HPJumpStartLaunch
2020-08-03 15:09 - 2019-08-02 22:29 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3435942051-1505872532-37019557-1001
2020-08-03 15:09 - 2019-08-02 22:29 - 000002802 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-thymallus@centrum.cz
2020-08-03 15:09 - 2019-08-02 22:29 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002586 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-08-03 15:09 - 2019-08-02 22:29 - 000002562 _____ C:\WINDOWS\system32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-08-03 15:09 - 2019-08-02 22:29 - 000002498 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2020-08-03 15:09 - 2019-08-02 22:29 - 000002488 _____ C:\WINDOWS\system32\Tasks\HPAudioSwitch
2020-08-03 15:09 - 2019-08-02 22:29 - 000002216 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-08-03 15:09 - 2019-08-02 22:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-08-03 12:25 - 2017-09-23 21:07 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-02 16:52 - 2017-08-17 08:53 - 000000000 ____D C:\Users\thyma\AppData\Local\VirtualStore
2020-08-02 15:56 - 2017-08-20 10:00 - 000000000 ____D C:\Users\thyma\AppData\Roaming\WTablet
2020-08-02 15:55 - 2020-06-10 10:41 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-02 15:55 - 2017-08-21 11:00 - 000000000 ___RD C:\Users\thyma\Creative Cloud Files
2020-08-02 15:54 - 2017-08-17 16:00 - 000000000 ____D C:\Users\thyma\AppData\LocalLow\Mozilla
2020-08-02 15:54 - 2017-08-17 08:55 - 000000000 ___RD C:\Users\thyma\OneDrive
2020-08-02 15:54 - 2017-08-17 08:53 - 000000000 __SHD C:\Users\thyma\IntelGraphicsProfiles
2020-08-01 09:33 - 2020-01-07 14:54 - 000038577 _____ C:\Users\thyma\Desktop\Výkaz cest.xlsx
2020-07-31 19:17 - 2020-03-30 12:46 - 000583554 _____ C:\Users\thyma\Desktop\INVENTURA 2020.xlsx
2020-07-31 18:45 - 2017-08-17 09:19 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-31 14:03 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-31 13:59 - 2019-08-02 22:27 - 001843996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-31 13:59 - 2019-03-19 13:55 - 000753718 _____ C:\WINDOWS\system32\perfh005.dat
2020-07-31 13:59 - 2019-03-19 13:55 - 000163142 _____ C:\WINDOWS\system32\perfc005.dat
2020-07-31 13:52 - 2019-12-29 10:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-07-31 13:52 - 2019-08-02 22:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-31 13:52 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-07-31 13:39 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-31 13:38 - 2017-09-14 08:17 - 000000000 ____D C:\Users\thyma\AppData\Local\ElevatedDiagnostics
2020-07-31 07:28 - 2020-03-30 12:29 - 003027456 _____ C:\Users\thyma\Desktop\F lite 2020+.xlsx
2020-07-30 14:40 - 2020-04-02 07:30 - 000515544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-07-30 14:40 - 2019-08-02 22:29 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-07-30 14:40 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-07-30 14:40 - 2019-01-14 18:47 - 000235592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-07-30 14:40 - 2019-01-06 08:31 - 000195656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-07-30 14:40 - 2019-01-06 08:31 - 000060488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-07-30 14:40 - 2019-01-06 08:31 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-07-30 14:40 - 2018-10-13 09:35 - 000042776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-07-30 14:40 - 2018-01-21 17:15 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-07-30 14:40 - 2018-01-21 17:15 - 000466752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-07-30 14:40 - 2018-01-21 17:15 - 000323792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-07-30 14:40 - 2018-01-21 17:15 - 000205888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-07-30 14:40 - 2018-01-21 17:15 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-07-30 14:40 - 2018-01-21 17:15 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-07-30 10:05 - 2020-04-10 11:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-07-30 10:05 - 2017-08-20 10:00 - 000000000 ____D C:\Program Files\Tablet
2020-07-30 10:05 - 2017-08-17 15:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-30 10:04 - 2017-08-21 10:53 - 000000000 ____D C:\Program Files\Adobe
2020-07-29 21:45 - 2018-06-24 16:15 - 000000000 ____D C:\Users\thyma\AppData\Local\AVAST Software
2020-07-28 20:51 - 2020-01-07 14:54 - 000000000 ____D C:\Users\thyma\Desktop\2019-10-07 reklamace stan
2020-07-28 20:51 - 2017-08-17 15:59 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-28 14:07 - 2018-01-21 18:06 - 000000000 ____D C:\Users\thyma\AppData\Local\Packages
2020-07-28 10:52 - 2020-04-03 11:44 - 000041984 _____ C:\Users\thyma\Desktop\Hesla.xlsx
2020-07-27 20:48 - 2018-06-21 19:34 - 000001480 _____ C:\Users\thyma\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-07-27 10:34 - 2020-04-27 09:02 - 000001371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2020-07-27 10:34 - 2017-08-21 11:04 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-07-27 10:34 - 2017-08-18 08:39 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-07-26 14:53 - 2017-08-18 13:04 - 000000000 ____D C:\Users\thyma\AppData\Roaming\BSplayer
2020-07-24 22:59 - 2017-08-17 08:56 - 000000000 ____D C:\Users\thyma\AppData\Roaming\Skype
2020-07-24 22:52 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-24 19:56 - 2020-01-07 14:54 - 000000000 ____D C:\Users\thyma\Desktop\Beskydskýpivovárek
2020-07-24 19:45 - 2017-08-17 08:53 - 000000000 ____D C:\Users\thyma\AppData\Roaming\Adobe
2020-07-24 19:36 - 2019-08-02 22:24 - 000002412 _____ C:\Users\thyma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-24 19:34 - 2018-06-22 21:08 - 000016824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-07-16 17:50 - 2017-08-20 10:31 - 000000000 ____D C:\ProgramData\tmp
2020-07-15 21:27 - 2016-11-24 04:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-07-15 21:25 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-07-15 21:25 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-07-15 13:53 - 2017-11-22 16:44 - 000000000 ___RD C:\Users\thyma\3D Objects
2020-07-15 13:53 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-07-15 13:52 - 2019-08-02 22:21 - 000661824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-07-15 13:51 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-07-15 13:51 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-07-15 13:51 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-07-15 13:51 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-07-15 13:51 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-07-15 13:51 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-15 13:49 - 2017-04-11 16:31 - 000000000 ____D C:\WINDOWS\HP
2020-07-13 15:19 - 2017-08-17 08:55 - 000000000 ____D C:\Users\thyma\AppData\Local\NVIDIA
2020-07-10 20:09 - 2017-09-23 21:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-07-10 20:08 - 2017-09-23 21:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-07-10 20:08 - 2017-09-23 21:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-07-09 14:05 - 2017-08-18 08:39 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-07 18:29 - 2019-07-23 19:28 - 024682392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-07-07 18:29 - 2019-07-23 19:28 - 002076560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-07-07 18:27 - 2019-07-23 19:28 - 005399808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-07-06 07:33 - 2020-04-27 08:12 - 000000000 ___HD C:\temp
2020-07-06 01:26 - 2019-07-23 19:28 - 000058532 _____ C:\WINDOWS\system32\nvinfo.pb
2020-07-05 21:12 - 2017-09-23 21:07 - 005492712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-07-05 21:12 - 2017-09-23 21:07 - 002633528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-07-05 21:12 - 2017-09-23 21:07 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-07-05 21:12 - 2017-09-23 21:07 - 000991032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-07-05 21:12 - 2017-09-23 21:07 - 000195560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-07-05 21:12 - 2017-09-23 21:07 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-07-05 21:12 - 2017-09-23 21:07 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

==================== Files in the root of some directories ========

2018-06-21 19:34 - 2020-07-27 20:48 - 000001480 _____ () C:\Users\thyma\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-30 18:09 - 2018-09-30 18:09 - 000000000 _____ () C:\Users\thyma\AppData\Local\oobelibMkey.log
2017-08-18 07:36 - 2017-08-22 10:05 - 000013030 _____ () C:\Users\thyma\AppData\Local\PDOXUSRS.NET
2019-10-30 10:08 - 2019-10-30 10:08 - 000007602 _____ () C:\Users\thyma\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Prostě preventivka :-)

Napsal: 04 srp 2020 17:05
od Conder
Ahoj :)

:arrow: Co sa tyka automatickeho prehravania, ak to chces mat zapnute, skus skontrolovat Nastavenia -> Zariadenia -> Automaticke prehravanie.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Spustit skenovani a pockaj na dokoncenie
  • V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
  • V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
  • Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

Re: Prostě preventivka :-)

Napsal: 04 srp 2020 17:53
od gomik
automatické přehrávání mám právěže zaplé a nefunguje kromě mobilu u ničeho...
jako už jsem si zvykl, ale vadí mi, že nevím proč to nefunguje :-)


Tady je LOG:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-04-2020
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1898 octets] - [24/11/2018 11:22:45]
AdwCleaner[C00].txt - [1934 octets] - [24/11/2018 11:24:09]
AdwCleaner[S01].txt - [6567 octets] - [04/08/2020 18:47:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Prostě preventivka :-)

Napsal: 06 srp 2020 03:45
od Conder
Poprosim o obidva nove logy z FRST, a tiez o screenshot tych nastaveni autoplay.

Re: Prostě preventivka :-)

Napsal: 06 srp 2020 06:26
od gomik
vše v příloze :-)

Re: Prostě preventivka :-)

Napsal: 08 srp 2020 03:56
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

ExportKey: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
ExportKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
ExportKey: HKLM\System\CurrentControlSet\Services\ShellHWDetection
CMD: sc query ShellHWDetection
PowerShell: Get-Service ShellHWDetection | Select-Object *

File: C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
File: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
File: C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
ExportKey: HKLM\SOFTWARE\Policies\Google
CMD: type "C:\Windows\System32\Tasks\klcp_update"
ExportKey: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F30E3CFC-CF58-4EDB-86FA-02321E671E82}
ExportKey: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update
CMD: dir /a "C:\ProgramData\tmp"

HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {2e3ff17d-bf4b-11ea-957b-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {6156ddba-cdf0-11ea-9581-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {6b37557a-c2ea-11ea-957e-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {9080f9dc-c691-11ea-9580-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {a38a58cd-c12a-11ea-957c-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {aa03c2e6-b6cd-11ea-957a-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {baff0293-b466-11ea-9575-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {baff0e63-b466-11ea-9575-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {e1bd672c-b6ca-11ea-9579-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {e979ce09-b460-11ea-9574-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE" 
Task: {F30E3CFC-CF58-4EDB-86FA-02321E671E82} - System32\Tasks\klcp_update => CodecTweakTool.exe
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
S3 iaStorA; System32\drivers\iaStorA.sys [X]
2020-07-16 17:50 - 2017-08-20 10:31 - 000000000 ____D C:\ProgramData\tmp
2018-09-30 18:09 - 2018-09-30 18:09 - 000000000 _____ () C:\Users\thyma\AppData\Local\oobelibMkey.log
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Prostě preventivka :-)

Napsal: 08 srp 2020 08:24
od gomik
tady to je:

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-08-2020
Ran by thyma (08-08-2020 09:17:38) Run:3
Running from C:\Users\thyma\Desktop
Loaded Profiles: thyma
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

ExportKey: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
ExportKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
ExportKey: HKLM\System\CurrentControlSet\Services\ShellHWDetection
CMD: sc query ShellHWDetection
PowerShell: Get-Service ShellHWDetection | Select-Object *

File: C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
File: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
File: C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
ExportKey: HKLM\SOFTWARE\Policies\Google
CMD: type "C:\Windows\System32\Tasks\klcp_update"
ExportKey: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F30E3CFC-CF58-4EDB-86FA-02321E671E82}
ExportKey: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update
CMD: dir /a "C:\ProgramData\tmp"

HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {2e3ff17d-bf4b-11ea-957b-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {6156ddba-cdf0-11ea-9581-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {6b37557a-c2ea-11ea-957e-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {9080f9dc-c691-11ea-9580-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {a38a58cd-c12a-11ea-957c-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {aa03c2e6-b6cd-11ea-957a-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {baff0293-b466-11ea-9575-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {baff0e63-b466-11ea-9575-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {e1bd672c-b6ca-11ea-9579-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\...\MountPoints2: {e979ce09-b460-11ea-9574-88787362b2df} - "F:\_AUTORUN\AUTORUN.EXE"
Task: {F30E3CFC-CF58-4EDB-86FA-02321E671E82} - System32\Tasks\klcp_update => CodecTweakTool.exe
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
S3 iaStorA; System32\drivers\iaStorA.sys [X]
2020-07-16 17:50 - 2017-08-20 10:31 - 000000000 ____D C:\ProgramData\tmp
2018-09-30 18:09 - 2018-09-30 18:09 - 000000000 _____ () C:\Users\thyma\AppData\Local\oobelibMkey.log
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 1046
Average :
Sum : 13866226913
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

================== ExportKey: ===================

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"="0"
"NoActiveDesktop"="1"
"NoActiveDesktopChanges"="1"
"NoRecentDocsHistory"="0"

=== End of ExportKey ===
================== ExportKey: ===================

[HKU\S-1-5-21-3435942051-1505872532-37019557-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"="255"

=== End of ExportKey ===
================== ExportKey: ===================

[HKLM\System\CurrentControlSet\Services\ShellHWDetection]
"DependOnService"="RpcSs"
"Description"="@%SystemRoot%\System32\shsvcs.dll,-12289"
"DisplayName"="@%SystemRoot%\System32\shsvcs.dll,-12288"
"ErrorControl"="0"
"FailureActions"="80510100000000000000000003000000140000000100000060ea00000100000060ea00000000000000000000"
"Group"="ShellSvcGroup"
"ImagePath"="%SystemRoot%\System32\svchost.exe -k netsvcs -p"
"ObjectName"="LocalSystem"
"RequiredPrivileges"="SeImpersonatePrivilege*SeSystemEnvironmentPrivilege"
"ServiceSidType"="1"
"Start"="2"
"Type"="32"
[HKLM\System\CurrentControlSet\Services\ShellHWDetection\Parameters]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
"ServiceDllUnloadOnStop"="1"
"ServiceMain"="HardwareDetectionServiceMain"

=== End of ExportKey ===

========= sc query ShellHWDetection =========


SERVICE_NAME: ShellHWDetection
TYPE : 30 WIN32
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

========= End of CMD: =========


========= Get-Service ShellHWDetection | Select-Object * =========



Name : ShellHWDetection
RequiredServices : {RpcSs}
CanPauseAndContinue : False
CanShutdown : False
CanStop : True
DisplayName : Rozpoznávání hardwaru
DependentServices : {}
MachineName : .
ServiceName : ShellHWDetection
ServicesDependedOn : {RpcSs}
ServiceHandle : SafeServiceHandle
Status : Running
ServiceType : Win32OwnProcess, Win32ShareProcess
StartType : Automatic
Site :
Container :




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE ========================

C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
File not signed
MD5: D552DA5AFAF2AD47F950E3C2CB987E57
Creation and modification date: 2017-08-20 09:46 - 2013-03-05 17:14
Size: 000147456
Attributes: ----A
Company Name:
Internal Name: Monitor
Original Name: Monitor.exe
Product: Mouse Driver Application
Description: Monitor Application
File Version: 1, 0, 0, 0
Product Version: 1, 0, 0, 0
Copyright: Copyright (C) 2011
VirusTotal: https://www.virustotal.com/gui/file/756 ... 1588646145

====== End of File: ======


========================= File: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe ========================

C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
File not signed
MD5: CF55ACD914CF5BA63DB041E7CAF21B46
Creation and modification date: 2017-12-16 11:18 - 2017-12-16 11:18
Size: 002044928
Attributes: ----A
Company Name: AB Team
Internal Name: bsplayer
Original Name: bsplay.exe
Product: BSPlayer v2.72
Description: BS.Player
File Version: 2.7.2.1082
Product Version: 2.7.2.0
Copyright: (C) 2000-2017 AB Team
VirusTotal: https://www.virustotal.com/gui/file/ebb ... 1572730813

====== End of File: ======


========================= File: C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe ========================

C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
File not signed
MD5: FAA5DD2832C7C24C1FEF9814D88058D1
Creation and modification date: 2003-03-28 21:48 - 2003-03-28 21:48
Size: 000881664
Attributes: ----A
Company Name: Igor Gottwald - OKsoftware
Internal Name: Vyroci
Original Name: Vyroci.exe
Product: Svátky a výročí
Description: Svátky a výročí
File Version: 2.2003.109.66
Product Version: 2003
Copyright: ©1999-2003 Igor Gottwald - OKsoftware
VirusTotal: https://www.virustotal.com/gui/file/ac6 ... 1426063155

====== End of File: ======

================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Mozilla\Firefox]
[HKLM\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"="1"

=== End of ExportKey ===
================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Google]
[HKLM\SOFTWARE\Policies\Google\Chrome]

=== End of ExportKey ===

========= type "C:\Windows\System32\Tasks\klcp_update" =========

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Date>2019-02-03T10:37:00</Date>
<URI>\klcp_update</URI>
</RegistrationInfo>
<Principals>
<Principal id="Author">
<UserId>S-1-5-21-3435942051-1505872532-37019557-1001</UserId>
<LogonType>InteractiveToken</LogonType>
<RunLevel>HighestAvailable</RunLevel>
</Principal>
</Principals>
<Settings>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>
<ExecutionTimeLimit>PT2H</ExecutionTimeLimit>
<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
<Priority>4</Priority>
<StartWhenAvailable>true</StartWhenAvailable>
<RunOnlyIfNetworkAvailable>true</RunOnlyIfNetworkAvailable>
<IdleSettings>
<StopOnIdleEnd>true</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
</Settings>
<Triggers>
<CalendarTrigger>
<StartBoundary>2019-02-03T10:37:00</StartBoundary>
<ScheduleByDay>
<DaysInterval>90</DaysInterval>
</ScheduleByDay>
</CalendarTrigger>
</Triggers>
<Actions Context="Author">
<Exec>
<Command>CodecTweakTool.exe</Command>
<Arguments>/verysilent /update /freq=90</Arguments>
<WorkingDirectory>%ProgramFiles(x86)%\K-Lite Codec Pack\Tools</WorkingDirectory>
</Exec>
</Actions>
</Task>
========= End of CMD: =========

================== ExportKey: ===================

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F30E3CFC-CF58-4EDB-86FA-02321E671E82}]
"Path"="\klcp_update"
"Hash"="9b6ccbb05bd4110cbf9efe0813c0c1fd96ee1353944b6b03d932064e99506d8c"
"Schema"="65538"
"Date"="2019-02-03T10:37:00"
"URI"="\klcp_update"
"Triggers"="17000000000000000107020000000300002ec564acbbd4010007020000000300ffffffffffffffffc821414348484848fddc0826484848480e0000004848484841007500740068006f007200000048480000000048484848004848484848484800484848 (the data entry has 520 more characters)."
"Actions"="03000c00000041007500740068006f0072006666000000002400000043006f0064006500630054007700650061006b0054006f006f006c002e00650078006500380000002f007600650072007900730069006c0065006e00740020002f00750070006400 (the data entry has 232 more characters)."
"DynamicInfo"="0300000058898e5b60e7d301fbfefdad4866d6010000000002000780f1231bbfa3bbd401"

=== End of ExportKey ===
================== ExportKey: ===================

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update]
"SD"="01000480880000009800000000000000140000000200740004000000001018009f011f0001020000000000052000000020020000001014009f011f0001010000000000051200000000101800ff011f000102000000000005200000002002000000002400 (the data entry has 160 more characters)."
"Id"="{F30E3CFC-CF58-4EDB-86FA-02321E671E82}*"
"Index"="3"

=== End of ExportKey ===

========= dir /a "C:\ProgramData\tmp" =========

Volume in drive C is Windows
Volume Serial Number is 2474-638A

Directory of C:\ProgramData\tmp

16.07.2020 17:50 <DIR> .
16.07.2020 17:50 <DIR> ..
16.07.2020 17:50 54˙320 0003r0.tmp
22.05.2019 10:52 0 crashwatcher_fotoschau.log
24.12.2018 10:09 137 crashwatcher_hps.log
23.06.2020 20:52 <DIR> onlineProjects
23.06.2020 21:37 <DIR> order
23.06.2020 21:47 <DIR> QCEFWebView
09.09.2019 17:41 <DIR> QtWebEngine
3 File(s) 54˙457 bytes
6 Dir(s) 113˙116˙667˙904 bytes free

========= End of CMD: =========

HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e3ff17d-bf4b-11ea-957b-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6156ddba-cdf0-11ea-9581-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b37557a-c2ea-11ea-957e-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9080f9dc-c691-11ea-9580-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a38a58cd-c12a-11ea-957c-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa03c2e6-b6cd-11ea-957a-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{baff0293-b466-11ea-9575-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{baff0e63-b466-11ea-9575-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1bd672c-b6ca-11ea-9579-88787362b2df} => removed successfully
HKU\S-1-5-21-3435942051-1505872532-37019557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e979ce09-b460-11ea-9574-88787362b2df} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F30E3CFC-CF58-4EDB-86FA-02321E671E82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F30E3CFC-CF58-4EDB-86FA-02321E671E82}" => removed successfully
C:\WINDOWS\System32\Tasks\klcp_update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\System\CurrentControlSet\Services\iaStorA => removed successfully
iaStorA => service removed successfully
C:\ProgramData\tmp => moved successfully
C:\Users\thyma\AppData\Local\oobelibMkey.log => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1352607904 B
Java, Flash, Steam htmlcache => 1127 B
Windows/system/drivers => 40293888 B
Edge => 833738 B
Chrome => 0 B
Firefox => 1150599301 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 203308 B
NetworkService => 203308 B
defaultuser0 => 203308 B
thyma => 529406375 B

RecycleBin => 576179249 B
EmptyTemp: => 3.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:21:01 ====

Re: Prostě preventivka :-)

Napsal: 08 srp 2020 19:48
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:
DeleteValue: HKU\S-1-5-21-3435942051-1505872532-37019557-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDriveTypeAutoRun
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
:arrow: Potom skus otestovat, ci funguje automaticke prehravanie, a daj vediet, ako to vyzera s PC a ci su este nejake problemy.

Re: Prostě preventivka :-)

Napsal: 09 srp 2020 07:21
od gomik
přehrávání funguje!
čím to bylo - kde se stala chyba?
a tady je log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-08-2020
Ran by thyma (09-08-2020 08:18:15) Run:4
Running from C:\Users\thyma\Desktop
Loaded Profiles: defaultuser0 & thyma
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
DeleteValue: HKU\S-1-5-21-3435942051-1505872532-37019557-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDriveTypeAutoRun
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-3435942051-1505872532-37019557-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveTypeAutoRun" => removed successfully


The system needed a reboot.

==== End of Fixlog 08:18:27 ====

Re: Prostě preventivka :-)

Napsal: 10 srp 2020 02:47
od Conder
V registroch bolo nastavenie, ktore zakazalo automaticke prehravanie pre vsetky typy zariadenii.

Ako to vyzera s PC? Su este nejake problemy?

Re: Prostě preventivka :-)

Napsal: 10 srp 2020 12:13
od gomik
Tak problémy - krom toho přehrávání USB - nebyly žádné.
myslím, že je vše OK a funguje jak má.
Děkuji moc za pomoc!

Re: Prostě preventivka :-)

Napsal: 12 srp 2020 01:29
od Conder
:arrow: Tak este upraceme po pouzitych nastrojoch:

Re: Prostě preventivka :-)

Napsal: 12 srp 2020 08:51
od gomik
Hotovo
Už to je asi vše, ano?
Příspěvek poslán a ještě jednou moc díky!



# DelFix v1.013 - Logfile created 12/08/2020 at 09:50:21
# Updated 17/04/2016 by Xplode
# Username : thyma - THYMALLUS-HP2
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Re: Prostě preventivka :-)

Napsal: 12 srp 2020 20:58
od Conder
Ano, to by bolo vsetko. Nie je zaco a za prispevok na forum dakujeme! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz