Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by trody (administrator) on DESKTOP-4BAJTNA (Micro-Star International Co., Ltd MS-7B86) (28-09-2020 17:01:42)
Running from C:\Users\trody\Downloads
Loaded Profiles: trody
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\trody\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_fb5bb5bb5a3b03a4\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-07-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-2518751850-1939568582-2896737838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-04] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-28] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {055139B2-4351-4C1C-B992-01C7B0259853} - System32\Tasks\Driver Booster SkipUAC (trody) => C:\Program Files (x86)\IObit\Driver Booster\8.0.2\DriverBooster.exe [8070416 2020-09-16] (IObit Information Technology -> IObit)
Task: {18D275E8-9164-4AC9-BA4A-90B17E4D6727} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47B32152-C93A-4F9F-A713-0CE9DDD28680} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\8.0.2\Scheduler.exe [152848 2020-09-14] (IObit Information Technology -> IObit)
Task: {4D3DFCAD-F0F5-4A42-857B-93CEBD327E41} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [632896 2019-03-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {5BB0A490-AE07-48DF-9E63-1AE8BF53027C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-28] (Google LLC -> Google LLC)
Task: {74897FBE-7A19-469B-9914-4A8BEE2E8D47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-28] (Google LLC -> Google LLC)
Task: {AD24D8F2-49EA-4E13-B3BD-856D8CE21995} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0AD3167-038D-47BE-8362-2E8E7B3EB82D} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.0.2\AutoUpdate.exe [2264336 2020-09-14] (IObit Information Technology -> IObit)
Task: {F8B09281-886C-48F5-A968-1668F4E71ED4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE4E7B25-6A8C-4AB1-9FE3-00035EF09DA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.107.4.100 10.107.4.129
Tcpip\..\Interfaces\{b8ffada3-80d8-4c09-ae78-578e6f3f494c}: [DhcpNameServer] 10.107.4.100 10.107.4.129
Edge:
======
Edge Profile: C:\Users\trody\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-28]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default [2020-09-28]
CHR Notifications: Default ->
hxxps://www.reddit.comCHR Extension: (Prezentace) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-28]
CHR Extension: (Privacy Pass) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhmfdgkijocedmfjonnpjfojldioehi [2020-09-28]
CHR Extension: (Dokumenty) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-28]
CHR Extension: (Disk Google) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-09-28]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-09-28]
CHR Extension: (YouTube) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-28]
CHR Extension: (Tabulky) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-28]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-28]
CHR Extension: (Gmail) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-09-28]
CHR Extension: (Chrome Media Router) - C:\Users\trody\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13610040 2020-09-15] (Adlice -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_fb5bb5bb5a3b03a4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_fb5bb5bb5a3b03a4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-09-28] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 gFilterMouUsb; C:\WINDOWS\System32\drivers\gFilterMouUsb.sys [30576 2019-10-16] (KYE SYSTEMS CORP. -> KYE Systems Corp.)
S3 gHidCommand; C:\WINDOWS\System32\Drivers\gHidCommand.sys [40936 2019-10-16] (KYE SYSTEMS CORP. -> KYE Systems Corp.)
S3 gKbdfltr; C:\WINDOWS\System32\drivers\gKbdfltr.sys [29576 2019-10-16] (KYE SYSTEMS CORP. -> )
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-09-28] (Martin Malik - REALiX -> REALiX(tm))
S3 ioFakDrv; C:\WINDOWS\System32\drivers\ioFakDrv.sys [35928 2019-10-16] (KYE Systems Corp -> KYE System Corp.)
S3 ioFakMap; C:\WINDOWS\System32\drivers\ioFakMap.sys [24664 2019-10-16] (KYE Systems Corp -> KYE System Corp.)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2FFE4AF-311E-4C7F-89A0-9D685439D2B1}\MpKslDrv.sys [78056 2020-09-28] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-28] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-28 17:01 - 2020-09-28 17:01 - 002299392 _____ (Farbar) C:\Users\trody\Downloads\FRST64 (3).exe
2020-09-28 17:01 - 2020-09-28 17:01 - 000011605 _____ C:\Users\trody\Downloads\FRST.txt
2020-09-28 17:00 - 2020-09-28 17:00 - 002299392 _____ (Farbar) C:\Users\trody\Downloads\FRST64 (2).exe
2020-09-28 16:59 - 2020-09-28 17:01 - 000000000 ____D C:\FRST
2020-09-28 16:59 - 2020-09-28 16:59 - 002299392 _____ (Farbar) C:\Users\trody\Downloads\FRST64 (1).exe
2020-09-28 16:55 - 2020-09-28 16:55 - 002299392 _____ (Farbar) C:\Users\trody\Downloads\FRST64.exe
2020-09-28 16:54 - 2020-09-28 16:54 - 003956368 _____ (Crystal Dew World ) C:\Users\trody\Downloads\CrystalDiskInfo7_0_4-en.exe
2020-09-28 16:54 - 2020-09-28 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-09-28 16:54 - 2020-09-28 16:54 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2020-09-28 16:29 - 2020-09-28 16:36 - 000000000 ____D C:\Program Files\Restoro
2020-09-28 16:28 - 2020-09-28 16:35 - 000000140 _____ C:\WINDOWS\restoro.ini
2020-09-28 16:28 - 2020-09-28 16:28 - 000931056 _____ (Restoro) C:\Users\trody\Downloads\Restoro.exe
2020-09-28 16:18 - 2020-09-28 16:18 - 000000000 ____D C:\ProgramData\ProductData
2020-09-28 16:01 - 2020-09-28 16:01 - 000000000 ____D C:\Users\trody\AppData\Local\Steam
2020-09-28 16:01 - 2020-09-28 16:01 - 000000000 ____D C:\Users\trody\AppData\Local\CEF
2020-09-28 16:00 - 2020-09-28 16:08 - 000000000 ____D C:\Program Files (x86)\Steam
2020-09-28 16:00 - 2020-09-28 16:00 - 001573568 _____ C:\Users\trody\Downloads\SteamSetup (1).exe
2020-09-28 16:00 - 2020-09-28 16:00 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2020-09-28 15:20 - 2020-09-28 15:20 - 069347520 _____ (Riot Games, Inc.) C:\Users\trody\Downloads\Install League of Legends na.exe
2020-09-28 15:19 - 2020-09-28 15:19 - 000000000 ____D C:\Users\trody\AppData\Local\VirtualStore
2020-09-28 14:40 - 2020-09-28 14:41 - 069347520 _____ (Riot Games, Inc.) C:\Users\trody\Downloads\Install League of Legends eune (3).exe
2020-09-28 14:28 - 2020-09-28 17:01 - 000946957 _____ C:\WINDOWS\ZAM.krnl.trace
2020-09-28 14:28 - 2020-09-28 14:28 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-09-28 14:28 - 2020-09-28 14:28 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-09-28 14:28 - 2020-09-28 14:28 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-09-28 14:28 - 2020-09-28 14:28 - 000000000 ____D C:\Users\trody\AppData\Local\Zemana
2020-09-28 14:28 - 2020-09-28 14:28 - 000000000 ____D C:\Users\trody\AppData\Local\AMSDK
2020-09-28 14:28 - 2020-09-28 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-09-28 14:28 - 2020-09-28 14:28 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-09-28 14:27 - 2020-09-28 14:27 - 011596944 _____ (Zemana Ltd. ) C:\Users\trody\Downloads\AntiMalware_Setup.exe
2020-09-28 14:20 - 2020-09-28 14:20 - 000000000 ____D C:\Program Files\UNP
2020-09-28 14:15 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-09-28 14:03 - 2020-09-28 14:13 - 000000000 ____D C:\zoek_backup
2020-09-28 14:03 - 2020-09-28 14:03 - 000000000 ____D C:\Users\trody\AppData\Local\CrashDumps
2020-09-28 13:51 - 2020-09-28 14:01 - 000000000 ____D C:\ProgramData\RogueKiller
2020-09-28 13:51 - 2020-09-28 13:51 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-09-28 13:51 - 2020-09-28 13:51 - 000000000 ____D C:\Program Files\RogueKiller
2020-09-28 13:49 - 2020-09-28 13:49 - 002038755 _____ C:\Users\trody\Downloads\zoek.exe
2020-09-28 13:46 - 2020-09-28 13:47 - 040327848 _____ (Adlice Software ) C:\Users\trody\Downloads\RogueKiller_setup (1).exe
2020-09-28 10:53 - 2020-09-28 10:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-28 10:53 - 2020-09-28 10:53 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-28 10:05 - 2020-09-28 10:02 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-09-28 08:50 - 2020-09-28 08:00 - 000000000 ____D C:\Windows.old
2020-09-28 08:49 - 2020-09-28 08:50 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-09-28 08:49 - 2020-09-28 08:49 - 000000000 ____D C:\WINDOWS\AMDTAs
2020-09-28 08:48 - 2020-09-28 08:48 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-09-28 08:48 - 2020-09-28 08:48 - 000000000 ____D C:\WINDOWS\Setup
2020-09-28 08:47 - 2020-09-28 14:21 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-28 08:47 - 2020-09-28 14:21 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\OCR
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files\MSBuild
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-09-28 08:47 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-09-28 08:47 - 2020-09-28 08:46 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2020-09-28 08:47 - 2020-09-28 08:46 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2020-09-28 08:46 - 2020-09-28 08:46 - 000000000 ____D C:\WINDOWS\system32\cs
2020-09-28 08:46 - 2020-09-28 08:46 - 000000000 ____D C:\WINDOWS\system32\0409
2020-09-28 08:46 - 2020-09-28 08:46 - 000000000 ____D C:\WINDOWS\DigitalLocker
2020-09-28 08:46 - 2020-06-05 23:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-28 08:46 - 2020-06-05 23:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-28 08:45 - 2020-09-28 16:55 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-28 08:45 - 2020-09-28 16:54 - 000000000 ___RD C:\Program Files (x86)
2020-09-28 08:45 - 2020-09-28 10:51 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-28 08:45 - 2020-09-28 10:51 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-28 08:45 - 2020-09-28 10:02 - 000000000 ____D C:\Program Files\Windows Defender
2020-09-28 08:45 - 2020-09-28 08:50 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-09-28 08:45 - 2020-09-28 08:50 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\setup
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\WINDOWS\IME
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files\Common Files\System
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-09-28 08:45 - 2020-09-28 08:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-09-28 08:45 - 2020-09-28 08:46 - 000000000 ____D C:\WINDOWS\system32\Com
2020-09-28 08:45 - 2020-09-28 08:46 - 000000000 ____D C:\WINDOWS\Help
2020-09-28 08:45 - 2020-09-28 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 __SHD C:\Program Files\Windows Sidebar
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 __RSD C:\WINDOWS\Media
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___SD C:\WINDOWS\system32\Nui
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Web
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\WaaS
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Vss
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\tracing
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\TextInput
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\TAPI
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SystemApps
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\winevt
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ti-et
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ta-in
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\si-lk
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ras
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\my-mm
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\Keywords
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\IME
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\icsxml
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ias
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\DriverState
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\am-et
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\System
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SKB
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\schemas
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\SchCache
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\security
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Resources
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\rescache
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Registration
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\PLA
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Performance
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\InputMethod
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\IdentityCRL
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Globalization
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Cursors
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Containers
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\Branding
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\appcompat
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\WINDOWS\addins
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\ProgramData\USOShared
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files\Windows Security
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files\Common Files\Services
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files (x86)\Windows NT
2020-09-28 08:45 - 2020-09-28 08:45 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2020-09-28 08:45 - 2020-09-28 08:43 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2020-09-28 08:45 - 2020-09-28 08:43 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2020-09-28 08:45 - 2020-09-28 08:43 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2020-09-28 08:45 - 2020-09-28 08:43 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2020-09-28 08:45 - 2020-09-28 08:43 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-09-28 08:45 - 2020-09-28 08:43 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-09-28 08:45 - 2020-09-28 08:43 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2020-09-28 08:45 - 2020-09-28 08:43 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2020-09-28 08:45 - 2020-09-28 08:43 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2020-09-28 08:45 - 2020-09-28 08:43 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2020-09-28 08:45 - 2020-09-28 08:43 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2020-09-28 08:45 - 2020-09-28 08:43 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2020-09-28 08:45 - 2020-09-28 08:43 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2020-09-28 08:45 - 2020-09-28 08:43 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2020-09-28 08:45 - 2020-09-28 08:43 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2020-09-28 08:45 - 2020-09-28 08:43 - 000000219 _____ C:\WINDOWS\system.ini
2020-09-28 08:45 - 2020-09-28 08:43 - 000000092 _____ C:\WINDOWS\win.ini
2020-09-28 08:45 - 2020-09-28 08:17 - 000000000 ____D C:\WINDOWS\ServiceState
2020-09-28 08:45 - 2020-09-28 08:00 - 000000000 ____D C:\WINDOWS\system32\spool
2020-09-28 08:45 - 2020-09-28 08:00 - 000000000 ____D C:\WINDOWS\system32\FxsTmp