Adware při startu Windows Vyřešeno

[Babis]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:23:39, on 04.10.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\miros\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O1 - Hosts: ::1 localhost
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\85.0.564.68\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TeamsMachineUninstallerLocalAppData] %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
O4 - HKLM\..\Run: [TeamsMachineUninstallerProgramData] %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenter.exe -runbywidget /RestartByRestartManager:1E8028CF-B0F0-456b-A413-3383082784F7 /RestartByRestartManager:3F16CC4D-98BC-45d7-B96A-94AA610242B8 /RestartByRestartManager:FB17D34F-5AA7-4171-884A-8655959DCB0B
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3268c47 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dolby DAX2 API Service - Dolby Laboratories, Inc. - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GameRecorderSVC - Lenovo(beijing) Limited - C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (file missing)
O23 - Service: @oem16.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe
O23 - Service: @oem26.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Online Connect - Intel Corporation - C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
O23 - Service: Intel(R) Online Connect Helper - Intel Corporation - C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe
O23 - Service: Intel(R) Online Connect Software Asset Manager - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Online Connect Access Legacy CS Loader (Intel(R) TechnologyAccessLegacyCSLoader) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
O23 - Service: Intel(R) Online Connect Access (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: McSecDashboardService - Unknown owner - C:\Program Files\McAfeeDashboard\McSecDashboardService.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PluginLoaderSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Wireless Keyboard 850 Notification Service (WirelessKB850NotificationService) - Unknown owner - C:\WINDOWS\System32\WirelessKB850NotificationService.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15087 bytes

[Reklama]

[Babis]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2020
Ran by miros (administrator) on LAPTOP-IJ326MGV (LENOVO 80WK) (04-10-2020 09:26:15)
Running from C:\Users\miros\Desktop
Loaded Profiles: miros
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [245088 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\miros\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-07-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32407952 2020-08-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenter.exe [2777952 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: {9493d090-6c30-11ea-9584-0028f8811626} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: {9493d106-6c30-11ea-9584-0028f8811626} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0134AC47-146D-46F8-A217-91D13F2B2C9F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {08577A07-132D-4CD4-AFFE-509025926EED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1275E385-A8BA-43A9-8478-8853A99D2AFB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {13CB38DF-2310-42FE-B05B-10CFF8C5F7CA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1626845F-C96B-4BA8-9A51-750512B1EA3B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3426B704-5549-44DD-A41A-7DB028F9AF52} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {392F39E7-4033-4A42-9256-D064BB063647} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {39C6559F-5089-4C6F-9261-852B932472DE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038152 2020-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EF0AFBC-EA86-4C95-ABC1-D00CA0A44420} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
Task: {50CF479E-A09F-44A0-8D2E-62F750E8F930} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5266CCDA-E157-4D6A-AC2B-612F7AEA6339} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {598E77D8-E619-43B7-ABD9-A0F3698BF390} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {5C4F674A-9241-4E34-8B61-B6E903357DEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {61823B59-6367-4ED7-976E-50D843C60318} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {690E150F-99A0-4D45-BBF9-EBA827B7CEE0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-09-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6CFECD4F-0545-4572-9248-FDDFB33B581B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611696 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {73E672E9-8B0C-475E-9F96-3875BD3EB8E8} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
Task: {7A4DE78E-108C-4E78-B6E4-8B94A651903D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93259873-F138-4163-9718-8C39AA71309A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96564C33-B802-447A-9AB6-4065785C21F1} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-15] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {9CA62E2A-CCC5-4810-8E71-8B4F30A6B33D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A244EBD3-A4A0-405A-9473-9DDA136A8739} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158240 2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA1B2966-CEFF-4CD9-B9A6-5EB03AE9F8E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-23] (Google Inc -> Google Inc.)
Task: {B6075488-4443-47C5-AECA-D1E2FCD32D1E} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-15] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {B7D10C3B-8EFB-44B4-8FB8-861A23F203C2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8835D8E-68B5-43E2-83F3-8428C5224BBA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C04375FC-1B69-412D-B095-D6CBA40E6A6E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-10-14] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D8B80D8C-82F0-4678-9616-EAEA96DEF6AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-23] (Google Inc -> Google Inc.)
Task: {DBE17D12-E6D6-4F87-B40A-E195A598CEBA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {EBECC889-3D4C-42DA-A221-9BE1D870E080} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1449020-17B1-4FEE-8708-1CC1B9435F80} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F49EB2B0-1C79-4139-BD0C-2896F2717AC3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{be918b68-55e6-4e80-8937-b098a56bad42}: [DhcpNameServer] 192.168.0.1

Edge:
======
DownloadDir: C:\Users\miros\Downloads

FireFox:
========
FF DefaultProfile: ce1ftx7n.default
FF ProfilePath: C:\Users\miros\AppData\Roaming\Mozilla\Firefox\Profiles\ce1ftx7n.default [2019-06-08]
FF ProfilePath: C:\Users\miros\AppData\Roaming\Mozilla\Firefox\Profiles\uulv1rd7.default-release [2020-10-03]
FF DownloadDir: C:\Users\miros\Downloads
FF Homepage: Mozilla\Firefox\Profiles\uulv1rd7.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\uulv1rd7.default-release -> about:newtab
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default [2020-10-04]
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-03]
CHR Extension: (Dokumenty) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-03]
CHR Extension: (Disk Google) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-03]
CHR Extension: (Beauty) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbbelgoeoihcmnkgkeanmogncgkfichm [2020-10-03]
CHR Extension: (YouTube) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-03]
CHR Extension: (Tabulky) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-03]
CHR Extension: (Word Online) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2020-10-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-03]
CHR Extension: (Dark Theme for Youtube) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdjppogihmiaookphgljdbcjemckmjl [2020-10-03]
CHR Extension: (Gmail) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-03]
CHR Extension: (Chrome Media Router) - C:\Users\miros\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11118976 2020-09-06] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-26] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-05] (Intel Corporation -> Intel Corporation)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-02] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-02] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-15] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-18] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-18] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-02] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519352 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3472192 2020-09-07] (Electronic Arts, Inc. -> Electronic Arts)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1711232 2020-07-06] (Rockstar Games, Inc. -> Rockstar Games)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\System32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 McSecDashboardService; "C:\Program Files\McAfeeDashboard\McSecDashboardService.exe" [X]

[Babis]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-10-03] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206392 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235584 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195648 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42768 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175192 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84848 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851600 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469880 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217328 2020-09-05] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326408 2020-09-08] (Avast Software s.r.o. -> AVAST Software)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [173432 2016-08-11] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217592 2020-10-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-10-02] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-14] (Intel(R) Technology Access -> Intel Corporation)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-04 09:26 - 2020-10-04 09:26 - 000029860 _____ C:\Users\miros\Desktop\FRST.txt
2020-10-04 09:25 - 2020-10-04 09:26 - 000000000 ____D C:\FRST
2020-10-04 09:24 - 2020-10-04 09:25 - 002299392 _____ (Farbar) C:\Users\miros\Desktop\FRST64.exe
2020-10-04 09:22 - 2020-10-04 09:22 - 000388608 _____ (Trend Micro Inc.) C:\Users\miros\Desktop\HijackThis.exe
2020-10-03 10:41 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-10-03 09:57 - 2020-10-03 10:35 - 000000000 ____D C:\zoek_backup
2020-10-03 09:56 - 2020-10-03 09:56 - 002038755 _____ C:\Users\miros\Desktop\zoek.exe
2020-10-03 09:54 - 2020-10-04 09:26 - 001230031 _____ C:\WINDOWS\ZAM.krnl.trace
2020-10-03 09:54 - 2020-10-04 09:19 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2020-10-03 09:54 - 2020-10-04 09:19 - 000000000 ____D C:\Users\miros\AppData\Local\AMSDK
2020-10-03 09:54 - 2020-10-03 23:48 - 000002522 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-10-03 09:54 - 2020-10-03 09:54 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-10-03 09:54 - 2020-10-03 09:54 - 000001336 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-10-03 09:54 - 2020-10-03 09:54 - 000001336 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-10-03 09:54 - 2020-10-03 09:54 - 000000000 ____D C:\Users\miros\AppData\Local\Zemana
2020-10-03 09:54 - 2020-10-03 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-10-03 09:54 - 2020-10-03 09:54 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-10-02 15:00 - 2020-10-02 15:00 - 000000000 ____D C:\ProgramData\Sophos
2020-10-02 09:57 - 2020-10-02 09:57 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-10-02 09:57 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-10-02 09:55 - 2020-10-02 09:55 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-10-02 09:55 - 2020-10-02 09:55 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-02 09:55 - 2020-10-02 09:54 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-10-01 17:48 - 2020-10-01 17:48 - 000002322 _____ C:\Users\Public\Desktop\VtM Bloodlines.lnk
2020-10-01 17:48 - 2020-10-01 17:48 - 000002322 _____ C:\ProgramData\Desktop\VtM Bloodlines.lnk
2020-10-01 17:48 - 2020-10-01 17:48 - 000000000 ____D C:\ProgramData\Caphyon
2020-10-01 17:45 - 2020-10-01 17:45 - 000000000 ____D C:\Program Files (x86)\Activision
2020-09-24 13:25 - 2020-09-24 13:25 - 000000000 ___HD C:\$Windows.~WS
2020-09-24 13:25 - 2020-09-24 13:25 - 000000000 ____D C:\$WINDOWS.~BT
2020-09-19 18:35 - 2020-09-19 18:35 - 000000000 ____D C:\Users\miros\AppData\Local\Fallout4
2020-09-19 17:33 - 2020-09-19 17:33 - 000000222 _____ C:\Users\miros\Desktop\Fallout 4.url
2020-09-19 16:33 - 2020-09-19 16:33 - 000000000 ____D C:\Users\miros\AppData\Local\FalloutNV
2020-09-18 18:15 - 2020-09-18 18:15 - 003678720 _____ C:\Users\miros\Downloads\2182-ochrana-ppt_4dc03f0b794e4.ppt
2020-09-18 17:44 - 2020-09-18 17:44 - 000194804 _____ C:\Users\miros\Downloads\8_L_L_ML_9_dekontaminace_RaL.pdf
2020-09-18 17:43 - 2020-09-18 17:43 - 002094776 _____ C:\Users\miros\Downloads\RPTX_2018_2_11160_0_642302_0_216669.pdf
2020-09-18 17:11 - 2020-09-18 17:11 - 000361472 _____ C:\Users\miros\Downloads\Stedrova__seminarNM.ppt
2020-09-17 11:28 - 2020-09-22 17:27 - 000000000 ____D C:\Users\miros\Desktop\Bergel
2020-09-11 11:00 - 2020-09-11 11:00 - 000288756 _____ C:\Users\miros\Downloads\e-ticket (1).pdf
2020-09-11 11:00 - 2020-09-11 11:00 - 000288722 _____ C:\Users\miros\Downloads\e-ticket.pdf
2020-09-10 21:57 - 2020-10-02 09:55 - 000217592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-10 10:20 - 2020-09-10 10:20 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-10 10:20 - 2020-09-10 10:20 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-10 10:20 - 2020-09-10 10:20 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-10 10:20 - 2020-09-10 10:20 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-10 10:20 - 2020-09-10 10:20 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-10 10:20 - 2020-09-10 10:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-10 10:20 - 2020-09-10 10:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-10 10:20 - 2020-09-10 10:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000716304 _____ (Microsoft Corporation)

[Babis]

C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-10 10:19 - 2020-09-10 10:19 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-10 10:19 - 2020-09-10 10:19 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-10 10:19 - 2020-09-10 10:19 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-10 10:19 - 2020-09-10 10:19 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-10 10:19 - 2020-09-10 10:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-10 10:19 - 2020-09-10 10:19 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-10 10:19 - 2020-09-10 10:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-10 10:19 - 2020-09-10 10:19 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-10 10:19 - 2020-09-10 10:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-10 10:18 - 2020-09-10 10:18 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-10 10:18 - 2020-09-10 10:18 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-10 10:18 - 2020-09-10 10:18 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-10 10:18 - 2020-09-10 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-10 10:11 - 2020-09-10 10:12 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-10 10:11 - 2020-09-10 10:12 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-05 12:57 - 2020-09-05 12:57 - 000338528 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-09-05 12:57 - 2020-09-05 12:57 - 000217328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-09-05 12:57 - 2020-09-05 12:57 - 000175192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-04 09:21 - 2019-03-23 21:58 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-04 09:20 - 2020-07-15 10:44 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-04 09:20 - 2020-07-15 10:44 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-04 09:19 - 2019-03-23 14:07 - 000000000 __SHD C:\Users\miros\IntelGraphicsProfiles
2020-10-03 23:48 - 2020-07-10 15:24 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3721644651-469684830-772303768-1001
2020-10-03 23:48 - 2020-02-24 11:49 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-10-03 23:48 - 2020-02-24 11:49 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-03 23:48 - 2020-02-24 11:49 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-10-03 23:48 - 2020-02-24 11:49 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-03 23:48 - 2020-02-24 11:49 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-10-03 23:48 - 2020-02-24 11:49 - 000003074 _____ C:\WINDOWS\system32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
2020-10-03 23:48 - 2020-02-24 11:49 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2020-10-03 23:48 - 2020-02-24 11:49 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 23:48 - 2020-02-24 11:49 - 000002708 _____ C:\WINDOWS\system32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
2020-10-03 23:48 - 2020-02-24 11:49 - 000002404 _____ C:\WINDOWS\system32\Tasks\NerveCenterUpdate
2020-10-03 23:48 - 2020-02-24 11:49 - 000002234 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-10-03 23:48 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-03 23:25 - 2020-02-24 11:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-10-03 21:03 - 2019-04-14 15:30 - 000000000 ____D C:\Program Files (x86)\Steam
2020-10-03 20:36 - 2020-02-24 11:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-03 20:05 - 2020-07-15 10:44 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-03 15:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-03 12:46 - 2019-04-14 15:22 - 000000000 ____D C:\ProgramData\AVAST Software
2020-10-03 11:54 - 2020-02-24 11:51 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-03 11:54 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-10-03 11:54 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-10-03 11:54 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-10-03 11:50 - 2020-02-24 11:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-03 11:50 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-10-03 10:35 - 2020-02-24 11:45 - 000000000 ____D C:\Users\miros
2020-10-03 09:58 - 2019-04-15 20:28 - 000000000 ____D C:\Users\miros\AppData\Local\CrashDumps
2020-10-02 15:30 - 2020-07-10 22:40 - 000000000 ____D C:\Users\miros\AppData\Local\SquirrelTemp
2020-10-02 14:56 - 2019-03-23 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-10-02 14:54 - 2020-02-24 11:41 - 000451776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-10-02 14:16 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-02 09:55 - 2019-08-12 16:34 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-10-02 09:55 - 2019-08-12 16:34 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-10-02 09:55 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-02 09:54 - 2019-08-12 16:34 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-26 15:49 - 2019-04-23 17:30 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-24 13:36 - 2020-02-20 19:33 - 000000000 ___DC C:\WINDOWS\Panther
2020-09-24 13:36 - 2019-06-06 19:21 - 000000000 ____D C:\ESD
2020-09-23 22:11 - 2019-03-23 14:12 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 22:11 - 2019-03-23 14:12 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 22:11 - 2019-03-23 14:12 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-22 18:11 - 2019-03-25 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-09-22 18:11 - 2019-03-25 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-09-22 18:11 - 2019-03-25 16:37 - 000000000 ____D C:\Program Files\Java
2020-09-22 18:10 - 2019-03-25 16:38 - 000193704 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-09-22 15:46 - 2019-03-23 14:07 - 000000000 ____D C:\Users\miros\AppData\Local\Packages
2020-09-21 18:37 - 2020-08-30 12:14 - 000000000 ____D C:\Users\miros\AppData\Roaming\Origin
2020-09-21 18:37 - 2019-04-14 15:33 - 000000000 ____D C:\ProgramData\Origin
2020-09-21 17:18 - 2020-08-30 12:14 - 000000000 ____D C:\Users\miros\AppData\Local\Origin
2020-09-21 10:15 - 2020-02-24 11:49 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-09-19 18:34 - 2020-08-09 09:19 - 000000000 ____D C:\Users\miros\Documents\BloodBowlChaos
2020-09-19 16:50 - 2019-04-14 17:47 - 000000000 ____D C:\Users\miros\Documents\My Games
2020-09-19 09:41 - 2020-07-10 15:18 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-15 16:19 - 2020-08-30 12:17 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-09-15 16:19 - 2020-08-30 12:14 - 000000000 ____D C:\Program Files (x86)\Origin
2020-09-12 15:11 - 2020-02-24 11:45 - 000002368 _____ C:\Users\miros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-12 15:11 - 2019-03-23 14:09 - 000000000 ___RD C:\Users\miros\OneDrive
2020-09-10 18:14 - 2020-02-19 19:28 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-09-10 11:24 - 2019-03-23 14:07 - 000000000 ___RD C:\Users\miros\3D Objects
2020-09-10 11:24 - 2017-03-23 19:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-10 11:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-10 10:36 - 2019-03-23 16:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-10 10:30 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-10 10:22 - 2019-03-23 16:12 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-10 10:18 - 2020-02-24 11:44 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-08 10:00 - 2019-04-14 15:23 - 000326408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-09-05 12:57 - 2019-12-30 20:21 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000851600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000469880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000206392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000195648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000084848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-09-05 12:57 - 2019-04-14 15:23 - 000042768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Babis]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-10-2020
Ran by miros (04-10-2020 09:27:01)
Running from C:\Users\miros\Desktop
Windows 10 Home Version 1909 18363.1082 (X64) (2020-02-24 09:49:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3721644651-469684830-772303768-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3721644651-469684830-772303768-503 - Limited - Disabled)
Guest (S-1-5-21-3721644651-469684830-772303768-501 - Limited - Disabled)
miros (S-1-5-21-3721644651-469684830-772303768-1001 - Administrator - Enabled) => C:\Users\miros
WDAGUtilityAccount (S-1-5-21-3721644651-469684830-772303768-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}) (Version: 0.7.2.62 - Dolby Laboratories, Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1039 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{4FA94F64-1A00-4426-BF58-D08EB592CE1B}) (Version: 3.4.2095 - Intel Corporation) Hidden
IPVanish (HKLM\...\{23AC5A9C-F6D0-4458-8593-94BD6A0C55E2}) (Version: 3.4.4.4 - Mudhook Marketing, Inc) Hidden
IPVanish (HKLM-x32\...\{7e72bd81-8d45-4e2f-abdf-7faba4db186c}) (Version: 3.4.4.4 - )
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java SE Development Kit 8 Update 201 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180201}) (Version: 8.0.2010.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.17 - Lenovo)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.37 - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12527.21104 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 78.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 78.0.2 (x64 cs)) (Version: 78.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.83.43781 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 446.14 - NVIDIA Corporation) Hidden
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.25.260 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.6.1 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Povolání snů (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
TomTom MyDrive Connect 4.2.7.3966 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.7.3966 - TomTom)
Unofficial Oblivion Patch v3.2.0 (HKLM-x32\...\Unofficial Oblivion Patch_is1) (Version: 3.2.0 - Quarn and Kivan)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Vampire The Masquerade: Bloodlines CZ (HKLM-x32\...\Vampire The Masquerade: Bloodlines CZ 9.7) (Version: 9.7 - Activision)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-26] (Microsoft Studios) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\lenovocorporation.lenovoid_2.0.37.0_x86__4642shxvsv8s2 [2019-03-23] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxDTCM.dll [2017-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2015-04-14] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2015-04-14] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-08-30 12:14 - 2020-08-30 12:14 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-30 12:14 - 2020-08-30 12:14 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-08-30 12:14 - 2020-08-30 12:14 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-09-15 16:19 - 2020-08-30 12:14 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-09-15 16:19 - 2020-08-30 12:14 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-09-15 16:19 - 2020-08-30 12:14 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-09-15 16:19 - 2020-08-30 12:14 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-09-15 16:19 - 2020-08-30 12:14 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-09-15 16:19 - 2020-08-30 12:14 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3721644651-469684830-772303768-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3721644651-469684830-772303768-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3721644651-469684830-772303768-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3721644651-469684830-772303768-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3721644651-469684830-772303768-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-09-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-25] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\sharepoint.com -> hxxps://campuscvut-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2020-10-03 09:59 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2020-03-24 10:41 - 2020-03-24 10:41 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3721644651-469684830-772303768-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\miros\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\backgrounds-hd-wallpaper-bioshock.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Ethernet: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{18AD6796-9F22-45C0-8A8B-4A59FAC54324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FDAB60CE-279F-4D90-9C8E-582CE68BADBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8F1FC6DC-A3D1-40DF-B0E7-B0F8256B5AAC}] => (Allow) D:\Games\Steam Games\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{9ACD24B7-8639-4DCE-A2AF-658D175BF452}] => (Allow) D:\Games\Steam Games\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{8A6B03D3-D56D-4E2F-9F8C-F301EC92A224}] => (Allow) D:\Games\Steam Games\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{F74AEAB0-3E8A-4E86-8749-D6D1E468AD77}] => (Allow) D:\Games\Steam Games\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{A28114D9-0F1A-4CC4-8A1D-F1CA8BB14EC4}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{D3C97EFD-1AA2-4367-847E-B1A6EBC831FB}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [UDP Query User{43E5C4B4-9BCD-4A28-BAC4-9D80259D29F4}D:\games\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\games\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{A6058F19-AACA-43F3-B4CD-96D670DAEE35}D:\games\steam games\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\games\steam games\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{02ABCDD7-0208-496E-9193-E5A85613FB4E}] => (Allow) D:\Games\Steam Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{FB058C33-7BB8-4B7B-9677-3FDE6D78F72C}] => (Allow) D:\Games\Steam Games\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C7B6E39B-432B-40B1-840A-0A2BB0038896}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{8E0706F8-8EE7-4F0D-9CCA-4D692CFF8B3B}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{CB310662-DF97-419C-9E39-74BFA6FFF2F6}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{95F7E7A2-B4D9-43CD-AF9F-CA75CF86DB38}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [UDP Query User{3AA0E44F-C6DD-4428-8565-AC74AF667460}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{632A06D4-D1B2-4973-83B4-7DF5F50817C2}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => No File
FirewallRules: [{B1E3AFB0-B1E1-426E-A3A7-8163D62710BB}] => (Allow) D:\Games\Steam Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{FD58E3A1-FFA9-4455-98A4-F2CBAEF71A2E}] => (Allow) D:\Games\Steam Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{390FB800-8E2B-4843-B230-F3AEA47ECCE2}] => (Allow) D:\Games\Steam Games\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{92690A4F-0391-4A61-8F3D-655F71F7A8DF}] => (Allow) D:\Games\Steam Games\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{26B26677-584A-4866-82AD-B130FF7C22CC}] => (Allow) D:\Games\Steam Games\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{E70FED49-750D-4E5C-9533-EDFF702C2076}] => (Allow) D:\Games\Steam Games\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{E2F3F1BD-E427-4A3F-B916-F42B8C2D03F3}] => (Allow) D:\Games\Uplay Games\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{852999D2-4C22-43F7-92BE-B6A33D4277B6}] => (Allow) D:\Games\Uplay Games\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{D28C1DF2-21E8-490F-98E9-9284735D1629}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6C3CC41-C6E5-4444-B54C-9868C5086445}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DE8DBE09-3799-4B9B-9E40-28BB4B2CDD52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB022ECF-96D8-4A32-B993-3BBD36746710}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B079E7C-B174-44D4-AAD5-796A1F0DF914}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{85647FEC-E6EF-4C44-AF94-98CA714D4FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{03BD8434-2420-44D5-86D4-250E489B4AB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{47BFD42D-B29F-4D72-AA18-A33D33062A0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{60B9E0BC-9647-422E-8481-FDB23FB6E2B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{540D26BB-A4BB-4004-966F-1F0FE862DA5A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{AF4DF605-5305-44C3-B0FD-C32AA94E9D71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4882077-F0FA-47E5-8DD8-9CFD10594218}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{50903355-E738-4F7B-BF7E-8B8F74D920B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{D59A9A07-499A-47D9-A2AC-350B1249A208}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3290B54E-1C8D-4EE7-8AD3-7FA080212040}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF764C7D-97FE-4014-A379-DECB9A2061B3}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [{9208E7EC-755A-4E8F-98E7-F301ED20CA50}] => (Allow) D:\Games\Steam Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [{6335D2F7-8EEC-4AB9-B516-2EFC4A9216AF}] => (Allow) D:\Games\Steam Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [TCP Query User{5B7DBCF7-DEEC-461B-882B-715F7CC1B24A}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{DC773C0F-3799-4FBD-A558-D325B4AA5D0E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4E4BD0D8-B45B-4A3D-AE33-0CC0A342B638}C:\windows\system32\sihost.exe] => (Allow) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{2EF644FC-64A0-49AA-9670-B1DF739CF0A1}C:\windows\system32\sihost.exe] => (Allow) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{FF74A7CE-C0F2-4633-9AA0-92469833CF24}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{3D33D441-1BEE-4E3F-A532-DBB323983BA3}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{C6024354-0758-4665-9E31-0218A72ABEC7}D:\games\grand theft auto iv\gtaiv.exe] => (Block) D:\games\grand theft auto iv\gtaiv.exe => No File
FirewallRules: [UDP Query User{7D839BB6-3DF0-454B-8F78-04266EEDAD5B}D:\games\grand theft auto iv\gtaiv.exe] => (Block) D:\games\grand theft auto iv\gtaiv.exe => No File
FirewallRules: [{F6C8D07E-F4CF-4F3A-ACD0-2A32084A634E}] => (Allow) D:\Games\Steam Games\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{5E60B01A-98D5-43B0-A508-4D11E2857355}] => (Allow) D:\Games\Steam Games\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{7E7ECBDE-B557-41B9-B4BA-FB2B9AF13262}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D71D126-613B-43A6-BDA0-A1DE18650D07}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20F5C7E7-F743-4995-B81A-CDA588C44073}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5B92841-D1A7-4C32-9BFC-85260FFCE837}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A03CF3E-974A-4DE9-8C56-3FFE2942D5E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F698141C-CE7F-4C1D-9200-D3051FCCDD90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1643B72-94F6-4E09-AD1D-6DADC82E2139}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45B279FC-514D-4397-B581-0D0FDB2ED473}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{5E1F4DF5-3805-4306-9A9A-B07D29E304D8}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe => No File
FirewallRules: [UDP Query User{DEB67C23-D7A8-4298-9EB1-755E50A73CB6}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe => No File
FirewallRules: [TCP Query User{73EB2FBD-198A-4F0E-B733-0225908173EB}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe => No File
FirewallRules: [UDP Query User{88A459EC-B127-473A-B4AB-BECA913B736A}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe => No File
FirewallRules: [{BF8A36F8-B5EC-42CC-BE99-1296E69219D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25D239A4-0E66-4FFA-9C84-290B2F10358B}] => (Allow) D:\Games\Steam Games\steamapps\common\Blood Bowl Chaos Edition\BB_Chaos.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{FC66D170-4A3A-42B6-9A15-AE8290D1F6F9}] => (Allow) D:\Games\Steam Games\steamapps\common\Blood Bowl Chaos Edition\BB_Chaos.exe (Focus Home Interactive -> Cyanide)
FirewallRules: [{39C7D54A-2F62-4930-AD72-6F60B8D4106D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{78F4CD76-876A-4119-B201-4476835FAFF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{85499AF0-A002-4FEE-B1A2-E6DD9591946B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5360B509-3A07-4355-84EF-F337A95C2F45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48A206FB-478A-498A-AD69-1EAECE38FC43}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{93742131-DFBE-417D-B2BD-2A7BC6A66B3A}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{DDE3499F-67C0-4AA6-AC0B-43BF6FD12480}] => (Allow) D:\Games\Steam Games\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games) [File not signed]
FirewallRules: [{E0CDDDC4-1E23-41DB-9ADE-742EA68E0CC4}] => (Allow) D:\Games\Steam Games\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games) [File not signed]
FirewallRules: [{9300BB5A-5418-4B14-A5C1-561DD317C634}] => (Allow) D:\Games\Steam Games\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{9733BF9E-2793-476E-A7F7-4C37839BD3C3}] => (Allow) D:\Games\Steam Games\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{C3C31621-37B7-4978-B8E2-D02D49A57F44}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/03/2020 11:30:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5280,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/03/2020 11:03:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13228,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/03/2020 10:54:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10408,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/03/2020 10:08:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6116,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/03/2020 09:13:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11268,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/03/2020 07:34:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5572,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/03/2020 07:27:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2932,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/03/2020 06:59:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4268,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (10/03/2020 11:48:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IJ326MGV)
Description: Server {38E441FB-3D16-422F-8750-B2DACEC5CEFC} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2020 11:00:47 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IJ326MGV)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2020 10:42:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IJ326MGV)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2020 11:50:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HuaweiHiSuiteService64.exe neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/03/2020 11:50:11 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.

Error: (10/03/2020 10:59:09 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/03/2020 10:33:12 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/03/2020 10:33:12 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================

Date: 2020-10-04 09:25:34.109
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-10-04 09:24:55.135
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-04 09:24:54.922
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-04 09:24:54.734
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-04 09:24:54.518
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-04 09:24:53.930
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-04 09:24:53.738
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-04 09:24:53.533
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 4KCN45WW 01/11/2019
Motherboard: LENOVO VIUU4
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 25%
Total physical RAM: 16276.16 MB
Available physical RAM: 12151.1 MB
Total Virtual: 17300.16 MB
Available Virtual: 12064.04 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:117.42 GB) (Free:30.92 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:931.39 GB) (Free:574.62 GB) NTFS

\\?\Volume{92733e3e-6d36-4da5-9788-f48a6c969f97}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{da1cfca9-ee3a-43d8-b3f8-8a39ef8fcb69}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4BD8A694)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 07E90F3C)

Partition: GPT.

==================== End of Addition.txt =======================

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenter.exe -runbywidget /RestartByRestartManager:1E8028CF-B0F0-456b-A413-3383082784F7 /RestartByRestartManager:3F16CC4D-98BC-45d7-B96A-94AA610242B8 /RestartByRestartManager:FB17D34F-5AA7-4171-884A-8655959DCB0B

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: {9493d090-6c30-11ea-9584-0028f8811626} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: {9493d106-6c30-11ea-9584-0028f8811626} - "E:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {AA1B2966-CEFF-4CD9-B9A6-5EB03AE9F8E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-23] (Google Inc -> Google Inc.)
Task: {D8B80D8C-82F0-4678-9616-EAEA96DEF6AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-23] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
SearchScopes: HKU\S-1-5-21-3721644651-469684830-772303768-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3721644651-469684830-772303768-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FirewallRules: [{8F1FC6DC-A3D1-40DF-B0E7-B0F8256B5AAC}] => (Allow) D:\Games\Steam Games\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{9ACD24B7-8639-4DCE-A2AF-658D175BF452}] => (Allow) D:\Games\Steam Games\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{A28114D9-0F1A-4CC4-8A1D-F1CA8BB14EC4}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{D3C97EFD-1AA2-4367-847E-B1A6EBC831FB}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{C7B6E39B-432B-40B1-840A-0A2BB0038896}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{8E0706F8-8EE7-4F0D-9CCA-4D692CFF8B3B}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{CB310662-DF97-419C-9E39-74BFA6FFF2F6}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{95F7E7A2-B4D9-43CD-AF9F-CA75CF86DB38}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [UDP Query User{3AA0E44F-C6DD-4428-8565-AC74AF667460}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{632A06D4-D1B2-4973-83B4-7DF5F50817C2}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => No File
FirewallRules: [{E2F3F1BD-E427-4A3F-B916-F42B8C2D03F3}] => (Allow) D:\Games\Uplay Games\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{852999D2-4C22-43F7-92BE-B6A33D4277B6}] => (Allow) D:\Games\Uplay Games\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{1B079E7C-B174-44D4-AAD5-796A1F0DF914}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{85647FEC-E6EF-4C44-AF94-98CA714D4FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{60B9E0BC-9647-422E-8481-FDB23FB6E2B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{540D26BB-A4BB-4004-966F-1F0FE862DA5A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{50903355-E738-4F7B-BF7E-8B8F74D920B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{9208E7EC-755A-4E8F-98E7-F301ED20CA50}] => (Allow) D:\Games\Steam Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [{6335D2F7-8EEC-4AB9-B516-2EFC4A9216AF}] => (Allow) D:\Games\Steam Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [TCP Query User{C6024354-0758-4665-9E31-0218A72ABEC7}D:\games\grand theft auto iv\gtaiv.exe] => (Block) D:\games\grand theft auto iv\gtaiv.exe => No File
FirewallRules: [UDP Query User{7D839BB6-3DF0-454B-8F78-04266EEDAD5B}D:\games\grand theft auto iv\gtaiv.exe] => (Block) D:\games\grand theft auto iv\gtaiv.exe => No File
FirewallRules: [{F6C8D07E-F4CF-4F3A-ACD0-2A32084A634E}] => (Allow) D:\Games\Steam Games\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{5E60B01A-98D5-43B0-A508-4D11E2857355}] => (Allow) D:\Games\Steam Games\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [TCP Query User{5E1F4DF5-3805-4306-9A9A-B07D29E304D8}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe => No File
FirewallRules: [UDP Query User{DEB67C23-D7A8-4298-9EB1-755E50A73CB6}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe => No File
FirewallRules: [TCP Query User{73EB2FBD-198A-4F0E-B733-0225908173EB}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe => No File
FirewallRules: [UDP Query User{88A459EC-B127-473A-B4AB-BECA913B736A}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe => No File

Hosts:

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[Babis]

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2020
Ran by miros (04-10-2020 18:17:52) Run:1
Running from C:\Users\miros\Desktop
Loaded Profiles: miros
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: {9493d090-6c30-11ea-9584-0028f8811626} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3721644651-469684830-772303768-1001\...\MountPoints2: {9493d106-6c30-11ea-9584-0028f8811626} - "E:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {AA1B2966-CEFF-4CD9-B9A6-5EB03AE9F8E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-23] (Google Inc -> Google Inc.)
Task: {D8B80D8C-82F0-4678-9616-EAEA96DEF6AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-23] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
SearchScopes: HKU\S-1-5-21-3721644651-469684830-772303768-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3721644651-469684830-772303768-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FirewallRules: [{8F1FC6DC-A3D1-40DF-B0E7-B0F8256B5AAC}] => (Allow) D:\Games\Steam Games\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{9ACD24B7-8639-4DCE-A2AF-658D175BF452}] => (Allow) D:\Games\Steam Games\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{A28114D9-0F1A-4CC4-8A1D-F1CA8BB14EC4}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{D3C97EFD-1AA2-4367-847E-B1A6EBC831FB}] => (Allow) D:\Games\Steam Games\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{C7B6E39B-432B-40B1-840A-0A2BB0038896}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{8E0706F8-8EE7-4F0D-9CCA-4D692CFF8B3B}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{CB310662-DF97-419C-9E39-74BFA6FFF2F6}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{95F7E7A2-B4D9-43CD-AF9F-CA75CF86DB38}] => (Allow) D:\Games\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [UDP Query User{3AA0E44F-C6DD-4428-8565-AC74AF667460}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{632A06D4-D1B2-4973-83B4-7DF5F50817C2}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe => No File
FirewallRules: [{E2F3F1BD-E427-4A3F-B916-F42B8C2D03F3}] => (Allow) D:\Games\Uplay Games\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{852999D2-4C22-43F7-92BE-B6A33D4277B6}] => (Allow) D:\Games\Uplay Games\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{1B079E7C-B174-44D4-AAD5-796A1F0DF914}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{85647FEC-E6EF-4C44-AF94-98CA714D4FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{60B9E0BC-9647-422E-8481-FDB23FB6E2B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{540D26BB-A4BB-4004-966F-1F0FE862DA5A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{50903355-E738-4F7B-BF7E-8B8F74D920B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{9208E7EC-755A-4E8F-98E7-F301ED20CA50}] => (Allow) D:\Games\Steam Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [{6335D2F7-8EEC-4AB9-B516-2EFC4A9216AF}] => (Allow) D:\Games\Steam Games\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [TCP Query User{C6024354-0758-4665-9E31-0218A72ABEC7}D:\games\grand theft auto iv\gtaiv.exe] => (Block) D:\games\grand theft auto iv\gtaiv.exe => No File
FirewallRules: [UDP Query User{7D839BB6-3DF0-454B-8F78-04266EEDAD5B}D:\games\grand theft auto iv\gtaiv.exe] => (Block) D:\games\grand theft auto iv\gtaiv.exe => No File
FirewallRules: [{F6C8D07E-F4CF-4F3A-ACD0-2A32084A634E}] => (Allow) D:\Games\Steam Games\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{5E60B01A-98D5-43B0-A508-4D11E2857355}] => (Allow) D:\Games\Steam Games\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [TCP Query User{5E1F4DF5-3805-4306-9A9A-B07D29E304D8}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe => No File
FirewallRules: [UDP Query User{DEB67C23-D7A8-4298-9EB1-755E50A73CB6}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe => No File
FirewallRules: [TCP Query User{73EB2FBD-198A-4F0E-B733-0225908173EB}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe => No File
FirewallRules: [UDP Query User{88A459EC-B127-473A-B4AB-BECA913B736A}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe] => (Allow) D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe => No File

Hosts:

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3721644651-469684830-772303768-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully
HKU\S-1-5-21-3721644651-469684830-772303768-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9493d090-6c30-11ea-9584-0028f8811626} => removed successfully
HKU\S-1-5-21-3721644651-469684830-772303768-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9493d106-6c30-11ea-9584-0028f8811626} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA1B2966-CEFF-4CD9-B9A6-5EB03AE9F8E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1B2966-CEFF-4CD9-B9A6-5EB03AE9F8E4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8B80D8C-82F0-4678-9616-EAEA96DEF6AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8B80D8C-82F0-4678-9616-EAEA96DEF6AC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
"HKU\S-1-5-21-3721644651-469684830-772303768-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3721644651-469684830-772303768-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F1FC6DC-A3D1-40DF-B0E7-B0F8256B5AAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9ACD24B7-8639-4DCE-A2AF-658D175BF452}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A28114D9-0F1A-4CC4-8A1D-F1CA8BB14EC4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D3C97EFD-1AA2-4367-847E-B1A6EBC831FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7B6E39B-432B-40B1-840A-0A2BB0038896}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E0706F8-8EE7-4F0D-9CCA-4D692CFF8B3B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB310662-DF97-419C-9E39-74BFA6FFF2F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{95F7E7A2-B4D9-43CD-AF9F-CA75CF86DB38}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3AA0E44F-C6DD-4428-8565-AC74AF667460}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{632A06D4-D1B2-4973-83B4-7DF5F50817C2}D:\games\steam games\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2F3F1BD-E427-4A3F-B916-F42B8C2D03F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{852999D2-4C22-43F7-92BE-B6A33D4277B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B079E7C-B174-44D4-AAD5-796A1F0DF914}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{85647FEC-E6EF-4C44-AF94-98CA714D4FF3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60B9E0BC-9647-422E-8481-FDB23FB6E2B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{540D26BB-A4BB-4004-966F-1F0FE862DA5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50903355-E738-4F7B-BF7E-8B8F74D920B4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9208E7EC-755A-4E8F-98E7-F301ED20CA50}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6335D2F7-8EEC-4AB9-B516-2EFC4A9216AF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C6024354-0758-4665-9E31-0218A72ABEC7}D:\games\grand theft auto iv\gtaiv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7D839BB6-3DF0-454B-8F78-04266EEDAD5B}D:\games\grand theft auto iv\gtaiv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F6C8D07E-F4CF-4F3A-ACD0-2A32084A634E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E60B01A-98D5-43B0-A508-4D11E2857355}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5E1F4DF5-3805-4306-9A9A-B07D29E304D8}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DEB67C23-D7A8-4298-9EB1-755E50A73CB6}D:\games\steam games\steamapps\common\blood bowl 2\benchmarkdx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73EB2FBD-198A-4F0E-B733-0225908173EB}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{88A459EC-B127-473A-B4AB-BECA913B736A}D:\games\steam games\steamapps\common\blood bowl 2\bloodbowl2_dx_32.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23228545 B
Java, Flash, Steam htmlcache => 433594371 B
Windows/system/drivers => 4631844 B
Edge => 0 B
Chrome => 419330150 B
Firefox => 196980 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4372 B
NetworkService => 4372 B
miros => 5062428 B

RecycleBin => 0 B
EmptyTemp: => 854.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:18:15 ====

[jaro3]

Co problémy?

[Babis]

Reklamy zmizely už předevčírem. Vypadá to v pohodě. Bylo to hodně napadený/zanešený?

[jaro3]

Ne moc , hlavbně nic vážného.

Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[Babis]

# DelFix v1.010 - Logfile created 05/10/2020 at 19:17:51
# Updated 26/04/2015 by Xplode
# Username : miros - LAPTOP-IJ326MGV
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\Users\miros\Desktop\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\Users\miros\Desktop\Addition.txt
Deleted : C:\Users\miros\Desktop\Fixlog.txt
Deleted : C:\Users\miros\Desktop\FRST64.exe
Deleted : C:\Users\miros\Desktop\HijackThis.exe
Deleted : C:\Users\miros\Desktop\hijackthis.log
Deleted : C:\Users\miros\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #3 [Restore Point Created by FRST | 10/04/2020 16:17:53]

New restore point created !

########## - EOF - ##########

Všechno OK, díky moc!