Prosím o kontrolu logu (zpomalený notebook) Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 00:13

Log ze Zoek 1.část:

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by mates on 16.06.2020 at 23:42:39,83.
Microsoft Windows 10 Home 10.0.18362 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\mates\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16.06.2020 23:44:03 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Wondershare deleted successfully
C:\PROGRA~2\WondershareUpdate deleted successfully
C:\PROGRA~2\COMMON~1\Intel Corporation deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\mates\AppData\Roaming\Easeware deleted successfully
C:\Users\mates\AppData\Roaming\MPC-HC deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\hpqLog deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\hpqLog deleted successfully
C:\Users\mates\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Wondershare not found
C:\PROGRA~2\WondershareUpdate not found
C:\Users\mates\AppData\Local\Wondershare deleted
C:\Users\mates\AppData\Roaming\.tlauncher deleted
C:\Users\mates\AppData\Roaming\discord deleted
C:\82ace7d6-0197-474d-bf4b-a2043e72329b deleted
C:\Users\mates\AppData\Roaming\Wondershare deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tpm-17c4-27d0-1b7f32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3ade.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3ae0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3ae2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3af4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3af6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3af8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1274-3978-b3b8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b335.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b346.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b348.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b34a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b34c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b35e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b360.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b362.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b364.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b366.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b377.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b379.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b37b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b37d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b38f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b391.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b393.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b3a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1584-3ae0-9b3a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7aab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7abc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7b0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7b8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7b9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7bce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7c8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7cbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7cce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7cff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d55.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d57.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d6a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d92.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7d96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7da7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7db9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dbb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dbd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7de4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7de6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7de8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dfa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dfc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7dfe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e23.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e48.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7e97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7ea8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7eba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7f0a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7f0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7f1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7f2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17c4-27d0-1b7f31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9332.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9334.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9336.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9338.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9349.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b934b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b934d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b934f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9361.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9363.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9365.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9367.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9369.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b937b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b937d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b937f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9390.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9392.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-17d0-181c-1b9394.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7404.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7406.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7408.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a741a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a741c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a741e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7420.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7431.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7433.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7435.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7447.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7449.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a744b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a744d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a745e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7460.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7462.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7464.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1900-1084-a7476.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f279.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f27b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f28c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f28e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f290.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f292.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b48-2544-60f2fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d559.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d55b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d55d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d56f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d571.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d573.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d587.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d589.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d59a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d50-116c-39d5eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207d9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207da0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207db2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207dc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207dc6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207dd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207dd9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207ddb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207ded.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207def.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e54-6c4-207df1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f69f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a0b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a23.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a39.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f90-286c-f6a3d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2d79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2d7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2d7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2d8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2d90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2d92.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2d94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2da6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2da8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2daa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2dac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2dbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2dcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2df0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2df2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2e04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2e06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2e18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20a0-1bf4-6c2e29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b4fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b50e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b510.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b512.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2174-b20-15b514.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288dc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288dd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288dd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288dd9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288deb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288ded.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288def.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288df1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e03.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2410-2188-288e46.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee14.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee3d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee3f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50ee9b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50eead.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50eebe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50eec0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25e4-194c-50eed2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2d75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2d87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2d89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2d8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2d8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2d9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2da1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2da3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2da5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2db6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2db8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2dba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2dbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2dce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2dd0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2dd2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2dd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2de6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-296c-2c68-a2de8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bda7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdd0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdd2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdd6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bde8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47bdff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47be01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47be03.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47be05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47be07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2adc-60e4-47be19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-364fdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-36504b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-36504d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-36505f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365061.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365092.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365094.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365096.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365098.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-3650aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-3650ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-3650ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-3650bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-36519c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-3651ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-3651bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365403.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365473.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e00-33f8-365494.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d75fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d76cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d77a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d77f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d78c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7905.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7975.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7a13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7b6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7cb7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7cb9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7cca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7cdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7cee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7d1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7d4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7d51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7d63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2fe4-3524-2d7d65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e04fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e04fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e050e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0510.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0512.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0524.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0526.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0538.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e053a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e054b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e054d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e054f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0570.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0572.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0574.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0576.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e0588.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e058a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ff4-130c-e058c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36142b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36142d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36142f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361431.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361442.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361444.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361446.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361448.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36144a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36145c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36145e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361460.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361462.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361464.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361476.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-361478.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36147a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36147c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-306c-1b8c-36148d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f114.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f126.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f128.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f12a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f13b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f13d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f13f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f151.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f153.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f155.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f157.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f169.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f16b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f17c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f17e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f190.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f192.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f194.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3344-260c-66f1a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfa5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfa7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfd0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfd2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfd6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfe7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfe9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfeb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24cfff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24d001.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24d003.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34b4-28e4-24d015.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-593564.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-593586.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-593597.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-593599.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3848-1888-5935f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b3d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b3f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b41.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364b68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364bb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364bca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364bdb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364bdd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364bfe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364c2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364c31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364c43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364c45.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39c4-39a8-364c47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a7183.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a7185.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a7197.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a7199.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a719b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a719d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-418c-42a8-a71f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad39.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad4b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ad82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ada3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adb7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adb9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adcc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adde.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ade0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adf2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111adf4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4268-63d4-111ae15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a177c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a177e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a17fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a180c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-884-1dec-a180e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82ad1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82ae2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82ae4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82ae6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82ae8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82aea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82afc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82afe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b00.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b14.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8a0-88c-1e82b33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b544.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b546.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b548.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b54a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b55c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b55e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b560.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b562.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b573.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b579.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b58b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b58d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b58f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b591.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b5a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b5a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-dd8-1278-45b5a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a35.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a48.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a7e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec0-1598-121a97.tmp deleted
"c:\windows\Installer\8efb.msi" deleted
"C:\Users\mates\AppData\Local\AVAST Software\APM\mates\kv_pam.db" not deleted
"C:\Users\mates\AppData\Local\AVAST Software" not deleted
"C:\Users\mates\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\mates\AppData\Local\AVAST Software\APM\mates" not deleted

Reklama
Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 00:14

Log ze Zoek 2. část:

==== Chromium Look ======================

Google Chrome Version: 83.0.4103.97

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]

Chrome Media Router - mates\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://hp17win10.msn.com/?pc=HCTE"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://hp17win10.msn.com/?pc=HCTE"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE

==== Reset Google Chrome ======================

C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\mates\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\mates\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\mates\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\mates\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E3FB0F01BDBDA224C8214B4D76117D8C deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{10F0BF3E-DBDB-422A-8C12-B4D46711D7C8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E3FB0F01BDBDA224C8214B4D76117D8C deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mates\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\mates\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\mates\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1930 folders=917 835891255 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\mates\AppData\Local\Temp will be emptied at reboot
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\TEMP.LAPTOP-O2MJJQRI\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\mates\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\mates\AppData\Local\AVAST Software\APM\mates\kv_pam.db" not found
"C:\Users\mates\AppData\Local\AVAST Software" not found

==== EOF on 17.06.2020 at 0:11:06,78 ======================

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 00:19

Log ze Zemana:

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  17.06.2020 0:16:52
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:24
Zkontrolované objekty    :  2237
Zjištěné objekty    :  10
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  4X Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  14969FA3C431F486E7B9D2


Odhalení
MD5    :  8C4D91365E1240E3E3BABE78AA2B525F
Stav    :  Zkontrolováno
Objekt    :  c:\program files (x86)\intel\driver and support assistant\dsaupdateservice.exe
Vydavatel    :  IDSA Production signing key
Velikost    :  154472
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  3CF953CB88A72DD980F83F8E7503575E
Stav    :  Zkontrolováno
Objekt    :  c:\windows\system32\cx64proxy.dll
Vydavatel    :  Conexant Systems LLC
Velikost    :  1529232
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  6DEF47D0F609E1109CEA423E03295AFE
Stav    :  Zkontrolováno
Objekt    :  c:\program files (x86)\intel\driver and support assistant\dsaservice.exe
Vydavatel    :  IDSA Production signing key
Velikost    :  37736
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  222AB4406F12D415D1B035A1CE3E815F
Stav    :  Zkontrolováno
Objekt    :  c:\program files\intel\sur\queencreek\x64\sqlite3.dll
Vydavatel    :  
Velikost    :  1918464
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  E3D694ED9BB8BEA9030CF9DAE5517081
Stav    :  Zkontrolováno
Objekt    :  c:\windows\system32\intelihvrouter04.dll
Vydavatel    :  Intel Wireless Driver
Velikost    :  1062360
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  E7EA1E9BBA953F586F6747590A04C06C
Stav    :  Zkontrolováno
Objekt    :  c:\program files (x86)\origin\libeay32.dll
Vydavatel    :  
Velikost    :  1282048
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  6239E2530C6C9D1ACD6C5C158C5E06A8
Stav    :  Zkontrolováno
Objekt    :  c:\program files (x86)\origin\ssleay32.dll
Vydavatel    :  
Velikost    :  279040
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  8FD354D793FE604B9E876D62640037BE
Stav    :  Zkontrolováno
Objekt    :  c:\program files (x86)\intel\driver and support assistant\dsacoreinterop.dll
Vydavatel    :  IDSA Production signing key
Velikost    :  382312
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  C6FF5C7D19389B2A44DE0845157EF68E
Stav    :  Zkontrolováno
Objekt    :  c:\program files (x86)\intel\driver and support assistant\dsatray.exe
Vydavatel    :  IDSA Production signing key
Velikost    :  238440
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  85428F938BF170A389745C0E88F2E1C0
Stav    :  Zkontrolováno
Objekt    :  c:\windows\system32\drivers\netwtw04.sys
Vydavatel    :  Intel Wireless Driver
Velikost    :  8644560
Odhalení    :  Suspicious:SRC!D
Akce    :  Karanténa
-----------------------------------------------------------------------

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 00:20

Ještě bych připomněl, že při každém startu notebooku mi automaticky Google Chrome otevře dvě vyskakovací okna.

Nový log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:19:56, on 17.06.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\mates\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/?pc=HCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Discord] C:\Users\mates\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [EpicGamesLauncher] "D:\HRY\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [BloodyToneMaker] "C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
O4 - HKCU\..\Run: [Steam] "D:\SteamGames\steam.exe" -silent
O4 - Global Startup: Java.bat
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_7aef8 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Unknown owner - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Unknown owner - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem4.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - HP Inc. - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\windows\IAStorAfsService\iaStorAfsService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem5.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\System32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - D:\HRY\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16764 bytes

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod jaro3 » 17 čer 2020 00:33

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/?pc=HCTE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: Java.bat


Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
další odkaz:
https://www.bleepingcomputer.com/downlo ... scan-tool/

další večer..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 14:30

Log z FRST 1.část:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by mates (administrator) on LAPTOP-O2MJJQRI (HP OMEN by HP Laptop 15-ce0xx) (17-06-2020 14:26:24)
Running from C:\Users\mates\Downloads
Loaded Profiles: mates
Platform: Windows 10 Home Version 1903 18362.900 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
() [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\HRY\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\HRY\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\mates\AppData\Local\Google\Chrome\User Data\SwReporter\83.237.200\software_reporter_tool.exe <4>
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-07-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\Run: [Discord] => C:\Users\mates\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\Run: [EpicGamesLauncher] => D:\HRY\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32194448 2020-06-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] () [File not signed]
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\Run: [Steam] => D:\SteamGames\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\MountPoints2: {f41b0b89-3852-11ea-b279-e470b8d39fcc} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\Installer\setup.exe [2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02182AA7-E32B-47FF-8595-74AFB059BEC5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-11] (Adobe Inc. -> Adobe)
Task: {054EBA81-8C83-451D-85A3-E766A01BECA5} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {09E6EFA5-0D33-4179-A2E7-4CE4F147BC13} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {0E34F281-0FAE-4898-B709-F259702864A9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12BDA6F2-EC79-4E36-84C6-EF0626146B6B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {147E2FB9-DEA0-47D5-9E50-7D386A7320BD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1A237E98-8B74-4013-80BD-2F608F19C49B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1B73D867-96DF-4541-94AF-CD20FB813A3E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EE41E2F-5BBE-41C5-83C0-16768A57D46C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {248F1D9B-4DE1-4ECF-AF6F-2CB86B2CE666} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {2C25FF7E-99AF-4240-BA20-D75F6E6213F5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {31EA90FC-070F-4A6B-99C0-2F268461F446} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33F59A79-3D79-41F2-9B1F-B1F5A2450202} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35FC4125-5753-40EE-A66F-77C0FDB199AE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {374FF1D4-8D5F-4ECA-8433-7CAD953780E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {37EBC322-743D-4E7F-A6B5-8FE97B89D787} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {41106265-F93D-494B-88DF-15117B99CAA6} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {611AE2B0-C286-4D35-94A6-3133FC59C2D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {62483783-69CD-4E71-9BBC-463CC810D9B5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {62D5EA02-6368-4A7F-B694-4B43A2249133} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
Task: {69B96357-7A24-40E1-ABCD-AF0215FE2B57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-12] (Google Inc -> Google Inc.)
Task: {6D5FD043-C123-4CD0-8355-9D27035EA0B0} - System32\Tasks\HPCeeScheduleFormates => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {82C880D9-27E5-4FE7-A44A-F289374C8759} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {913A8B38-3F61-4C5C-9F4F-4CB73052645F} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {93D6F1C1-43CC-40AC-8831-94A059FB5C59} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {974FDD0D-E868-4CA5-8C8A-7B600C331F22} - System32\Tasks\OMEN Command Center BackGround Process => C:\Program Files\HP\OMEN Ally\HPOMENBG.exe [255824 2017-10-23] (HP Inc. -> HP.Inc)
Task: {A11D46DD-50CD-48A2-9351-2F8495791C17} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A224053D-2A86-45E2-A0D6-EFE5006D55F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4882343-A675-4478-8733-E5F97C313002} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {A688ED3B-C423-445C-83DF-C53CC7CA7F76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {B0ADC352-9505-48CC-9FDD-5E39D4C54710} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B443C6E8-5EC2-4DCF-880E-59B21EF6F379} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B77C377B-21B1-4611-B4C9-07CEF0D280D2} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1359728 2017-10-25] (HP Inc. -> HP Development Company, L.P.)
Task: {C3360A9B-7359-4C9F-9A26-1F55428983B1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {C594784F-FBC6-4589-86BF-8CAFF494A359} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {D88C2449-7232-402B-AB2C-E68BCF0CF4D6} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {DDE9413A-9B2B-4274-9E61-D5CB0F11E352} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {EA65E37F-55C1-4627-A200-BBA592450A88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {EAD7179D-F419-4232-B8ED-83182EEE8787} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED4E8F56-093F-4684-BF83-7CF9A4FB41CF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF994DEC-8916-4F38-B32C-2C84827AD09D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {FFC11654-9C55-4162-8289-00D64236F95D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-12] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleFormates.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{7df02d5e-e7d3-4dce-8536-110b379b3b8b}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-21-3338606067-1684232597-4108431110-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-08-19] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\mates\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-17]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default [2020-06-17]
CHR Extension: (Video Downloader professional) - C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2020-06-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-17]
CHR Extension: (Chrome Media Router) - C:\Users\mates\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-26] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [941368 2020-03-10] (Intel(R) Software Development Products -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2019-12-19] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1075744 2017-10-11] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-07-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [1507216 2020-06-12] (Microsoft Corporation -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-12-05] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [873272 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-03-16] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3445552 2020-03-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13558328 2020-06-15] (Adlice -> )
S3 Rockstar Service; D:\HRY\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [269840 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-10-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [208696 2020-03-10] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [941368 2020-03-10] (Intel(R) Software Development Products -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9875416 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-06-14] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4102752 2018-12-05] (Intel Corporation -> Intel® Corporation)
S2 DSAService; "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe" [X]
S3 DSAUpdateService; "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-06-17] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205880 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234560 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178760 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175704 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [501472 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851592 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460992 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235488 2020-05-05] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319112 2020-05-28] (Avast Software s.r.o. -> AVAST Software)
S3 bertreader; C:\WINDOWS\System32\drivers\bertreader.sys [40320 2020-03-10] (Intel Corporation -> Intel Corporation)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_0ad867a415f135b5\nvlddmkm.sys [23454448 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [89944 2018-07-23] (Realtek Semiconductor Corp. -> Realtek)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [41816 2020-03-10] (Intel Corporation -> )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [45144 2017-10-18] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [46680 2017-10-18] (Synaptics Incorporated -> Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [32376 2020-06-17] (WDKTestCert dev,132203776155590427 -> )
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6335912 2020-06-13] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 14:34

Log z FRST 2.část:

2020-06-17 14:26 - 2020-06-17 14:26 - 000034145 _____ C:\Users\mates\Downloads\FRST.txt
2020-06-17 14:26 - 2020-06-17 14:26 - 000000000 ____D C:\FRST
2020-06-17 14:25 - 2020-06-17 14:25 - 002289152 _____ (Farbar) C:\Users\mates\Downloads\FRST64.exe
2020-06-17 14:22 - 2020-06-17 14:22 - 000000000 ____D C:\Users\mates\Downloads\backups
2020-06-17 00:15 - 2020-06-17 14:26 - 002179555 _____ C:\WINDOWS\ZAM.krnl.trace
2020-06-17 00:15 - 2020-06-17 00:17 - 000000000 ____D C:\Users\mates\AppData\Local\AMSDK
2020-06-17 00:15 - 2020-06-17 00:15 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-06-17 00:15 - 2020-06-17 00:15 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-06-17 00:15 - 2020-06-17 00:15 - 000001340 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-06-17 00:15 - 2020-06-17 00:15 - 000001340 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-06-17 00:15 - 2020-06-17 00:15 - 000000000 ____D C:\Users\mates\AppData\Local\Zemana
2020-06-17 00:15 - 2020-06-17 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-06-17 00:15 - 2020-06-17 00:15 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-06-17 00:14 - 2020-06-17 00:14 - 012741568 _____ (Zemana Ltd. ) C:\Users\mates\Downloads\AntiMalware_Setup.exe
2020-06-17 00:11 - 2020-06-17 00:11 - 000000000 ____D C:\Users\mates\AppData\Roaming\discord
2020-06-17 00:10 - 2020-06-17 00:10 - 000032376 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-06-17 00:09 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-06-16 23:42 - 2020-06-17 00:05 - 000000000 ____D C:\zoek_backup
2020-06-16 23:42 - 2020-06-16 23:42 - 002038755 _____ C:\Users\mates\Downloads\zoek.exe
2020-06-16 22:05 - 2020-06-16 22:09 - 1772532912 _____ C:\Users\mates\Downloads\719.Proc prave on - komedie - 2016 - cz dab..avi
2020-06-16 19:59 - 2020-06-16 20:04 - 000000000 ____D C:\ProgramData\RogueKiller
2020-06-16 19:59 - 2020-06-16 19:59 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-06-16 19:59 - 2020-06-16 19:59 - 000000906 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-06-16 19:59 - 2020-06-16 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-06-16 19:59 - 2020-06-16 19:59 - 000000000 ____D C:\Program Files\RogueKiller
2020-06-16 19:58 - 2020-06-16 19:58 - 040306952 _____ (Adlice Software ) C:\Users\mates\Downloads\RogueKiller_setup.exe
2020-06-16 11:25 - 2020-06-16 11:25 - 000000000 ____D C:\ProgramData\Sophos
2020-06-16 11:23 - 2020-06-16 11:23 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-06-16 11:23 - 2020-06-16 11:23 - 000002775 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-06-16 11:23 - 2020-06-16 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-06-16 11:23 - 2020-06-16 11:23 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-06-16 11:20 - 2020-06-16 11:21 - 206758184 _____ (Sophos Limited) C:\Users\mates\Downloads\Sophos Virus Removal Tool.exe
2020-06-15 16:59 - 2020-06-15 16:59 - 000000633 _____ C:\Users\mates\Desktop\JRT.txt
2020-06-15 16:48 - 2020-06-15 16:48 - 001790024 _____ (Malwarebytes) C:\Users\mates\Desktop\JRT.exe
2020-06-14 16:41 - 2020-06-14 16:48 - 994192048 _____ C:\Users\mates\Downloads\Old Boy (2003) CZ Dabing.avi
2020-06-14 11:43 - 2020-06-14 11:43 - 000000000 ____D C:\Users\mates\AppData\Local\mbam
2020-06-14 11:43 - 2020-06-14 11:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-14 11:42 - 2020-06-14 11:42 - 001988280 _____ (Malwarebytes) C:\Users\mates\Desktop\MBSetup.exe
2020-06-14 11:42 - 2020-06-14 11:42 - 000000000 ____D C:\Malwarebytes
2020-06-14 11:35 - 2020-06-14 11:37 - 000000000 ____D C:\AdwCleaner
2020-06-14 11:34 - 2020-06-14 11:34 - 008402608 _____ (Malwarebytes) C:\Users\mates\Desktop\AdwCleaner.exe
2020-06-14 11:31 - 2020-06-14 11:31 - 000448512 _____ (OldTimer Tools) C:\Users\mates\Downloads\TFC.exe
2020-06-14 11:30 - 2020-06-14 11:30 - 000050688 _____ (Atribune.org) C:\Users\mates\Downloads\ATF-Cleaner.exe
2020-06-13 23:47 - 2020-06-13 23:47 - 000388608 _____ (Trend Micro Inc.) C:\Users\mates\Downloads\HijackThis.exe
2020-06-13 21:13 - 2020-06-13 21:36 - 1732558791 _____ C:\Users\mates\Downloads\Kingsman-Tajna-Sluzba-Kingsman-The-Secret-Service-2014-480p-BDRip-AC3-CZ.mkv
2020-06-13 20:05 - 2020-06-13 20:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-06-13 00:30 - 2020-04-24 01:02 - 000541024 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2020-06-13 00:30 - 2020-04-24 01:02 - 000174832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 003168288 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 001435032 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 001414984 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 001195856 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 001078576 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 000467064 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 000381512 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2020-06-13 00:30 - 2020-04-24 01:01 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-06-13 00:30 - 2020-04-24 01:00 - 003353720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 001403712 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 001353208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 001327936 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 001061464 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000392760 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000327168 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000327160 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000266440 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000220280 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000116432 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2020-06-13 00:30 - 2020-04-24 01:00 - 000093800 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2020-06-13 00:30 - 2020-04-24 00:59 - 072520840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2020-06-13 00:30 - 2020-04-24 00:59 - 003159672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-06-13 00:30 - 2020-04-24 00:59 - 002930280 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-06-13 00:30 - 2020-04-24 00:58 - 000122208 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2020-06-13 00:30 - 2020-04-24 00:57 - 001634424 _____ (Synaptics Incorporated.) C:\WINDOWS\system32\CX64APO.dll
2020-06-13 00:30 - 2020-04-24 00:57 - 000548936 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll
2020-06-13 00:30 - 2020-04-24 00:57 - 000123696 _____ (Conexant System, Inc.) C:\WINDOWS\system32\Caf64api.dll
2020-06-13 00:30 - 2020-04-24 00:36 - 039568371 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-06-13 00:18 - 2020-06-13 00:18 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-13 00:18 - 2020-06-13 00:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-13 00:18 - 2020-06-13 00:18 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-13 00:18 - 2020-06-13 00:18 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-13 00:18 - 2020-06-13 00:18 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-13 00:18 - 2020-06-13 00:18 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-13 00:18 - 2020-06-13 00:18 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-13 00:18 - 2020-06-13 00:18 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-13 00:18 - 2020-06-13 00:18 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-13 00:18 - 2020-06-13 00:18 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-13 00:18 - 2020-06-13 00:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-13 00:17 - 2020-06-13 00:17 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-13 00:17 - 2020-06-13 00:17 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-13 00:17 - 2020-06-13 00:17 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-13 00:17 - 2020-06-13 00:17 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-13 00:17 - 2020-06-13 00:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-13 00:17 - 2020-06-13 00:17 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-13 00:17 - 2020-06-13 00:17 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-13 00:17 - 2020-06-13 00:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-13 00:16 - 2020-06-13 00:16 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-13 00:16 - 2020-06-13 00:16 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-13 00:16 - 2020-06-13 00:16 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-13 00:16 - 2020-06-13 00:16 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-13 00:16 - 2020-06-13 00:16 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-13 00:16 - 2020-06-13 00:16 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-13 00:16 - 2020-06-13 00:16 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 14:34

Log z FRST 3.část:

2020-06-13 00:16 - 2020-06-13 00:16 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-13 00:16 - 2020-06-13 00:16 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-13 00:16 - 2020-06-13 00:16 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-12 23:59 - 2020-05-15 06:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-12 23:59 - 2020-05-15 06:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-10 21:52 - 2020-06-10 21:58 - 1947210606 _____ C:\Users\mates\Downloads\Poslední dům nalevo - The Last House on the Left - 2009 BRrip CZdabing.avi
2020-06-10 10:57 - 2020-06-10 10:59 - 000001611 _____ C:\Users\Public\Desktop\VALORANT.lnk
2020-06-10 10:57 - 2020-06-10 10:59 - 000001611 _____ C:\ProgramData\Desktop\VALORANT.lnk
2020-06-10 02:26 - 2020-06-16 22:15 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-10 02:26 - 2020-06-16 22:15 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-10 02:26 - 2020-06-16 22:15 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-10 02:26 - 2020-06-13 23:28 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-10 02:26 - 2020-06-13 23:28 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-09 13:57 - 2020-06-09 14:04 - 1840162816 _____ C:\Users\mates\Downloads\Pout (The Way) 2010 CZ dabing.avi
2020-06-07 21:44 - 2020-06-07 21:45 - 1468506112 _____ C:\Users\mates\Downloads\Fontana pre zuzanu 3 1999 - slovensky.avi
2020-06-07 21:40 - 2020-06-07 21:42 - 1355096184 _____ C:\Users\mates\Downloads\Fontana pre Zuzanu 1-Komedie-1985-CS-adriatic.avi
2020-06-07 19:54 - 2020-06-07 19:55 - 000000000 ____D C:\Users\mates\Desktop\Český Krumlov
2020-06-06 18:14 - 2020-06-06 18:16 - 1124653978 _____ C:\Users\mates\Downloads\Někdo to rád blond =2004-DVD-CZ.avi
2020-06-06 17:04 - 2020-06-06 17:04 - 000000000 ____D C:\Users\mates\Desktop\Prachovské skály
2020-06-06 11:08 - 2020-06-06 11:09 - 000000000 ____D C:\Users\mates\Desktop\Zámky Nové Hrady + Karlova Koruna
2020-06-02 21:52 - 2020-06-02 21:52 - 000000000 ____D C:\Users\mates\AppData\Local\VALORANT
2020-05-31 13:47 - 2020-05-31 13:50 - 1218416640 _____ C:\Users\mates\Downloads\Paradox casu - Predestination - 2014 - cz dabing.avi
2020-05-31 13:41 - 2020-05-31 13:44 - 1468014592 _____ C:\Users\mates\Downloads\Mandragora - 1997 - drama, thriller, psychologický.avi
2020-05-31 13:27 - 2020-05-31 13:29 - 1029020175 _____ C:\Users\mates\Downloads\Osudový dotek (2004).mkv
2020-05-30 19:33 - 2020-05-30 19:33 - 000000000 ____D C:\Users\mates\AppData\Roaming\java
2020-05-30 19:32 - 2020-05-30 19:32 - 000002210 _____ C:\Users\Public\Desktop\Minecraft.lnk
2020-05-30 19:32 - 2020-05-30 19:32 - 000002210 _____ C:\ProgramData\Desktop\Minecraft.lnk
2020-05-30 19:32 - 2020-05-30 19:32 - 000000000 ____D C:\ProgramData\Caphyon
2020-05-30 19:31 - 2020-05-30 19:31 - 000000000 ____D C:\Users\mates\AppData\Roaming\Mojang
2020-05-30 19:30 - 2020-05-30 19:30 - 320026232 _____ (Mojang) C:\Users\mates\Downloads\Minecraft 1.13.2 CZ.exe
2020-05-30 19:08 - 2020-05-30 19:08 - 000114344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-05-30 19:08 - 2020-05-30 19:08 - 000000000 ____D C:\Users\mates\AppData\Roaming\Sun
2020-05-30 19:08 - 2020-05-30 19:08 - 000000000 ____D C:\Users\mates\AppData\LocalLow\Sun
2020-05-30 19:08 - 2020-05-30 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-05-30 19:07 - 2020-05-30 19:07 - 002066568 _____ (Oracle Corporation) C:\Users\mates\Downloads\JavaSetup8u251.exe
2020-05-30 19:07 - 2020-05-30 19:07 - 000000000 ____D C:\ProgramData\Oracle
2020-05-30 19:07 - 2020-05-30 19:07 - 000000000 ____D C:\Program Files (x86)\Java
2020-05-30 18:53 - 2020-06-10 10:52 - 000000000 ____D C:\Users\mates\AppData\Roaming\.minecraft
2020-05-30 14:07 - 2020-05-30 14:07 - 005775464 _____ C:\Users\mates\Downloads\DPTX_2013_1_11410_0_320031_0_146873.pdf
2020-05-30 11:04 - 2020-05-30 11:11 - 1508569524 _____ C:\Users\mates\Downloads\Plnou parou vzad-Boat trip DVDRip Cz 2002.avi
2020-05-27 18:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-27 18:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-05-27 18:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-27 18:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-05-27 18:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-05-27 18:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-05-27 18:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-27 18:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-05-27 18:45 - 2020-05-18 23:21 - 000451480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-05-27 18:45 - 2020-05-18 23:21 - 000348056 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-05-27 18:45 - 2020-05-18 23:20 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-05-27 18:45 - 2020-05-18 23:20 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 005856664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 002072992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 001722096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444614.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 001566096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 001484184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444614.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 001482128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 001350560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 001141992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 001048480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 000816880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 000680848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 000676248 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 000655080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 000546720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-05-27 18:45 - 2020-05-18 23:19 - 000543144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-05-27 18:45 - 2020-05-18 23:18 - 017600240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-05-27 18:45 - 2020-05-18 23:18 - 015158000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-05-27 18:45 - 2020-05-18 23:18 - 005159320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-05-27 18:45 - 2020-05-18 23:17 - 004195656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-05-26 11:43 - 2020-06-09 21:27 - 000002738 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2020-05-26 11:42 - 2020-05-26 11:42 - 002651768 _____ (Intel) C:\Users\mates\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2020-05-25 18:37 - 2020-05-25 18:37 - 000244805 _____ C:\Users\mates\Downloads\e-book-JAK-aj.pdf
2020-05-24 21:32 - 2020-05-24 21:32 - 000030031 _____ C:\Users\mates\Downloads\ZOLDP.pdf
2020-05-24 16:05 - 2020-05-24 16:14 - 1941393325 _____ C:\Users\mates\Downloads\Ledové království II ( Frozen 2 2019 ) CZ dabing ,WEBrip,1080p,.mkv

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-17 14:12 - 2019-08-15 12:16 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-06-17 14:12 - 2019-08-15 12:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-17 00:17 - 2019-02-16 03:12 - 000000000 ____D C:\Program Files (x86)\Origin
2020-06-17 00:15 - 2019-08-15 12:19 - 001841642 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-17 00:15 - 2019-03-19 13:55 - 000768204 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-17 00:15 - 2019-03-19 13:55 - 000170834 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-17 00:15 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-17 00:13 - 2020-04-25 20:13 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-06-17 00:11 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-17 00:11 - 2018-01-04 08:57 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-17 00:10 - 2020-04-25 19:52 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-06-17 00:10 - 2019-08-15 12:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-17 00:10 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-17 00:10 - 2018-03-12 20:52 - 000000000 __SHD C:\Users\mates\IntelGraphicsProfiles
2020-06-16 23:44 - 2018-03-12 21:04 - 000000000 ____D C:\Users\mates\AppData\Local\CrashDumps
2020-06-16 23:40 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-16 23:24 - 2019-08-15 12:16 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-06-16 23:24 - 2019-08-15 12:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-06-16 23:24 - 2018-10-27 10:43 - 000000000 ____D C:\Users\mates\AppData\Roaming\vlc
2020-06-16 14:34 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-16 14:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-15 17:07 - 2018-03-12 21:00 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-14 11:32 - 2019-08-15 12:11 - 000000000 ____D C:\Users\mates
2020-06-13 23:53 - 2018-03-12 20:52 - 000000000 ____D C:\Users\mates\AppData\Local\VirtualStore
2020-06-13 20:05 - 2018-05-22 19:32 - 000000000 ____D C:\Program Files\Common Files\Intel
2020-06-13 20:05 - 2018-01-04 08:55 - 000000000 ____D C:\Program Files\Intel
2020-06-13 01:20 - 2019-08-15 12:07 - 000597656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-13 01:20 - 2018-03-12 20:52 - 000000000 ___RD C:\Users\mates\3D Objects
2020-06-13 01:20 - 2017-10-06 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-13 01:19 - 2019-08-15 12:37 - 000000000 ____D C:\WINDOWS\HoloShell
2020-06-13 01:19 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-13 01:19 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-13 01:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-13 00:31 - 2019-10-27 14:26 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-06-13 00:31 - 2019-08-15 12:08 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OMEN Audio Control.lnk
2020-06-13 00:30 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-13 00:30 - 2018-01-04 08:56 - 003849681 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2020-06-13 00:30 - 2018-01-04 08:56 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-06-13 00:16 - 2019-08-15 12:09 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-09 21:44 - 2020-05-05 21:44 - 000000000 ____D C:\Users\mates\Tracing
2020-06-09 21:44 - 2019-08-15 10:10 - 000000000 ___DC C:\WINDOWS\Panther
2020-06-09 21:43 - 2018-03-12 21:39 - 000000000 ____D C:\Users\mates\AppData\Roaming\TS3Client
2020-06-09 21:28 - 2018-12-25 20:59 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleFormates.job
2020-06-09 21:27 - 2020-05-05 20:41 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3338606067-1684232597-4108431110-1001
2020-06-09 21:27 - 2019-08-15 12:16 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-09 21:27 - 2019-08-15 12:16 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-06-09 21:27 - 2019-08-15 12:16 - 000003238 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-09 21:27 - 2019-08-15 12:16 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000003102 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2020-06-09 21:27 - 2019-08-15 12:16 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000003030 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2020-06-09 21:27 - 2019-08-15 12:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000002862 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleFormates
2020-06-09 21:27 - 2019-08-15 12:16 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-09 21:27 - 2019-08-15 12:16 - 000002664 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2020-06-06 10:43 - 2019-08-15 12:11 - 000002372 _____ C:\Users\mates\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-06 10:43 - 2018-03-12 20:54 - 000000000 ___RD C:\Users\mates\OneDrive
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 02:12 - 2018-03-12 20:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-05 02:12 - 2018-03-12 20:57 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-05 02:12 - 2018-03-12 20:57 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-05 02:00 - 2018-03-12 20:52 - 000000000 ____D C:\Users\mates\AppData\Local\Packages
2020-05-31 17:55 - 2018-09-16 15:09 - 000000000 ____D C:\Users\mates\AppData\Local\Battle.net
2020-05-31 17:55 - 2018-09-16 15:09 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-05-30 19:35 - 2018-05-09 14:44 - 000000000 ____D C:\Users\mates\AppData\Local\D3DSCache
2020-05-30 19:03 - 2018-11-30 01:05 - 000000000 ____D C:\Users\mates\AppData\Local\NVIDIA
2020-05-30 18:52 - 2017-11-13 09:56 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-05-30 11:40 - 2019-10-21 14:04 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-05-30 11:40 - 2018-01-04 08:56 - 000000000 ____D C:\Program Files (x86)\Intel
2020-05-30 06:27 - 2019-06-18 12:18 - 000000000 ____D C:\Program Files\UNP
2020-05-28 19:00 - 2018-03-12 21:01 - 000319112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-05-26 11:46 - 2018-12-14 19:16 - 000000000 ____D C:\Users\mates\Downloads\Intel Driver and Support Assistant
2020-05-26 11:43 - 2018-04-18 12:32 - 000000000 ____D C:\Users\mates\AppData\Local\Intel
2020-05-18 23:19 - 2019-08-14 21:43 - 023454448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-05-18 23:17 - 2019-08-14 21:43 - 004928256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

==================== Files in the root of some directories ========

2018-08-17 18:46 - 2018-08-17 18:46 - 000000017 _____ () C:\Users\mates\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 14:35

Log z Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by mates (17-06-2020 14:27:22)
Running from C:\Users\mates\Downloads
Windows 10 Home Version 1903 18362.900 (X64) (2019-08-15 10:16:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3338606067-1684232597-4108431110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3338606067-1684232597-4108431110-503 - Limited - Disabled)
Guest (S-1-5-21-3338606067-1684232597-4108431110-501 - Limited - Disabled)
mates (S-1-5-21-3338606067-1684232597-4108431110-1001 - Administrator - Enabled) => C:\Users\mates
WDAGUtilityAccount (S-1-5-21-3338606067-1684232597-4108431110-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.3.3 - Electronic Arts, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Documentation Manager (HKLM\...\{59C2C057-0051-48B0-8570-75E21B5BBAE1}) (Version: 21.90.3.2 - Intel Corporation) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.16.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.8.26.13 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{4E100CB6-9312-48BC-9DC0-4F4D5C338449}) (Version: 12.16.22.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
Intel Driver && Support Assistant (HKLM-x32\...\{AC62A2CE-110B-4DF9-93B4-3AEE721885F6}) (Version: 20.6.22.6 - Intel) Hidden
Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.10 - HP Inc.) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D98C2DF9-C731-4322-A5F0-D897300216EE}) (Version: 2.4.05718 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6344 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.60.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{ac0384b9-75e3-4427-ab61-e59c3fa119a2}) (Version: 20.6.22.6 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{4ac3b686-ca29-4a13-a973-06a4d4dd09e6}) (Version: 21.90.3.2 - Intel Corporation) Hidden
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft 1.13.2 CZ + TLauncher 2.53 (HKLM-x32\...\Minecraft 1.13.2 CZ + TLauncher 2.53 1.13.2) (Version: 1.13.2 - Mojang)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OMEN Command Center (HKLM\...\{B13CB0A1-4411-404C-A7DB-BB1441B089EC}) (Version: 1.3.123 - HP Inc.)
OpenShot Video Editor verze 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Origin (HKLM-x32\...\Origin) (Version: 10.5.66.38849 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 446.14 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.156 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
RogueKiller version 14.6.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.6.0.0 - Adlice Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
ToneMaker 1 (HKLM-x32\...\BloodyToneMaker) (Version: 17.10.0006 - Bloody)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-08] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.200.0_x86__kgqvnymyfvs32 [2020-06-13] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.1.0.10_x86__h6adky7gbf63m [2020-06-03] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-18] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-16] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-19] (Dropbox Inc.)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2018-01-04] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.4.0_x64__v10z8vjag6ke6 [2020-05-10] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.1.1_x86__h6adky7gbf63m [2020-05-20] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-12] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-03] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3338606067-1684232597-4108431110-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3338606067-1684232597-4108431110-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki129369.inf_amd64_3b3c0bad4e037f26\igfxDTCM.dll [2018-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-05] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\mates\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\mates\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-04-23 20:37 - 2014-01-10 11:48 - 004260352 _____ () [File not signed] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2020-05-14 13:11 - 2020-05-14 13:11 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\2b748ba2da28dabbdeedfc56056b00a9\BRIDGECommon.ni.dll
2020-05-14 13:12 - 2020-05-14 13:12 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\0c64190a26225f5770779ad2920eeaab\BridgeExtension.ni.dll
2020-05-14 13:12 - 2020-05-14 13:12 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\0fd9ae33902754ab94c8a2391a476909\CleanStartController.ni.dll
2020-05-14 13:12 - 2020-05-14 13:12 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\42f583f7e7a54bb735013d89bfb6d09a\RegistrationUtilities.ni.dll
2019-01-15 14:41 - 2019-01-15 14:41 - 098275328 _____ () [File not signed] D:\HRY\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-01-15 14:41 - 2019-01-15 14:41 - 000092672 _____ () [File not signed] D:\HRY\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-01-15 14:41 - 2019-01-15 14:41 - 003922432 _____ () [File not signed] D:\HRY\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-05-14 13:12 - 2020-05-14 13:12 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\de6bd5661c3d27ed00bceec2a4d85372\CommonPortable.ni.dll
2020-05-14 13:11 - 2020-05-14 13:11 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\253f2534f5b7d7d01e4954cabaac29f1\Newtonsoft.Json.ni.dll
2020-03-10 10:31 - 2020-03-10 10:31 - 001631744 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2020-03-10 10:31 - 2020-03-10 10:31 - 001918464 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2019-01-15 14:41 - 2019-01-15 14:41 - 000547840 _____ (The Chromium Authors) [File not signed] D:\HRY\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\mates\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\mates\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\mates\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2020-06-16 23:44 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mates\Downloads\d28b10477f6a7d7cdef1e50ca2ee8815.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5F7552D8-2CD1-49A7-815B-817E4C9139DD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF3B135E-911F-457F-85FC-4897B7F24F2C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF80B36E-0ABA-4FC6-9647-711177D38C81}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{12C7303A-FB1D-4B72-B22E-685E6DD04F22}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6A9C0C4B-8682-4D2C-AD5B-E338253045DB}D:\hry\destiny 2\destiny2.exe] => (Allow) D:\hry\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{43E3D779-9AE1-4E58-B4F5-6DE61BB81DA6}D:\hry\destiny 2\destiny2.exe] => (Allow) D:\hry\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{99142B2A-7DAA-42D8-A000-B6E2EADD57DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7A565D3C-2F46-4372-9EBA-021F8DC57C15}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9E7380A1-71B0-48AF-A70A-A29359DAA083}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C418E387-5A36-4220-8CE9-C4EE2CEF1DC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8BA467E1-25F2-4652-8CA4-B35CBB7A5B67}D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3E5CADC7-25A0-4744-BCD2-BFA84E6A40E0}D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D1D1D6BB-936F-4644-8D75-20FBA1CBA6C2}D:\hry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\hry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2D53B85C-5DBF-4B35-A90A-F31282509489}D:\hry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\hry\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F6BF2149-7E8D-4F0E-9948-1F2FA838C967}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{547421F3-5C65-48D1-B71F-6F85B44DA6AB}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{2684E080-3582-4073-BC56-C7B6BCA162FC}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{CF94920D-D877-4FAA-8AC2-498098D5E5FA}D:\hry\apex\r5apex.exe] => (Allow) D:\hry\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{3DB7C2A3-38AD-4CE4-8BBA-2A744EC44805}D:\hry\apex\r5apex.exe] => (Allow) D:\hry\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{02F534D4-8DD7-4921-8F51-76BCD9D7D435}] => (Allow) D:\SteamGames\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7468EDA4-A0D3-4D38-9948-B51752E68A15}] => (Allow) D:\SteamGames\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{347EA017-39F8-46EB-B2F5-812DC4D598F7}] => (Allow) D:\SteamGames\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{95655875-6CA9-4378-839F-C65FD2B62051}] => (Allow) D:\SteamGames\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{0EED5D20-28FA-4A34-BB9C-379A17EE089E}] => (Allow) D:\SteamGames\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{051B984E-F482-4EF2-9D48-8BF2EBF74A55}] => (Allow) D:\SteamGames\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{A9896463-FC99-4309-B47C-CFDB67C159E4}] => (Allow) D:\SteamGames\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{ED495D20-A9BA-4A90-A85E-D9389D6F5B8C}] => (Allow) D:\SteamGames\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [TCP Query User{FDC61643-D6C5-48E7-B712-61A211F470BE}D:\hry\league of legends\game\league of legends.exe] => (Allow) D:\hry\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{0718731A-5D37-43E7-A88C-58C7B508E0F4}D:\hry\league of legends\game\league of legends.exe] => (Allow) D:\hry\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{C1A67688-AFD1-44DF-8146-1B154FC90178}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12026.20334.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA4330DC-EF22-44DF-9F9F-A6AFAC23DA1F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6D82A31-6BB4-447C-B6CB-27AC4915E0BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DF23CAE-3473-46BC-A374-7E8E399BE95C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C23E1C87-F4D8-47E0-AC1C-F5F6D97A196F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9007FAE-9C66-42D4-80DA-739B527CB338}] => (Allow) D:\SteamGames\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CB7CD958-0058-475B-9F00-693C4E3F3183}] => (Allow) D:\SteamGames\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C0A8590A-69B1-42E7-B34F-791D94F88939}D:\steamgames\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamgames\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{E07835B9-7A38-43FB-9A35-3983069E79F9}D:\steamgames\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamgames\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{4F86FF50-51A1-424B-9D98-E8FE81E70DF8}C:\users\mates\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mates\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{3967EAE2-4D28-4EBE-8C9D-F21BF4F509F5}C:\users\mates\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mates\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{A4DA71FC-541E-43A6-A7F0-C298F24F2056}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{F49E793C-A0EC-4F5E-810B-2B8A799770C9}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{D75DCD11-4190-43F6-945C-44CA4233189B}] => (Allow) D:\HRY\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3073E6B2-2235-4BBC-82AA-A7056913D5A6}] => (Allow) D:\HRY\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D51BB0CC-DFA6-4BBC-A41F-8A64FB0501C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ED6374CB-9812-43BE-ABF2-6E5BA1D4906B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9326612E-08EE-4C0C-9120-E731AC0EF16E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{06ECD57C-801B-49B4-AC05-BCF2544E7EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7190BE08-020C-45AB-9F7B-46C059E37DF1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D617927F-4E55-4F2D-95F8-2E7534472AA7}] => (Allow) LPort=2869
FirewallRules: [{A3A907BC-33E3-4D71-A7E7-3F62759E6ED3}] => (Allow) LPort=1900
FirewallRules: [{9A3EC7CD-C98D-4DAD-AAB4-773D8759BF23}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{414EE8B4-D03F-4309-B3BF-A561DB413CF3}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{AA11E332-801B-441F-BD58-29D7DA21FBDF}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{66C7A307-C355-4D1A-9F27-B5B88C9E6ECC}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{9A9A67A8-092E-4961-BEFD-415B9B9DF679}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{B7ED34F6-4039-4498-94A2-FCBFDAF2AACD}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{3204FF52-3C6C-4159-BC7B-CE817E031A88}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [TCP Query User{EBCEBC6C-ABDE-458A-86D2-A57CE540BFF8}C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0EFA25FA-4649-457F-BC30-3DBE865BA34F}C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [{0D5FEEE9-F55E-4279-A5F0-0D01816450BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39B9E7B1-46EF-4A36-8DED-AAC2AD83E811}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87598B26-B0CF-477A-92E3-FB58EBCF5471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8EDDC9F0-B1E2-416D-98CD-DA2B1260183E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DB97AC22-FFF7-4D37-BD58-3497A2434F2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15682E21-86E7-4EF5-BBE3-286DC714CF29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A98CB8CF-4DBA-4ECC-9E01-C858C27799B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{48F6F008-6400-4E87-90C5-BAC8611EE1B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{685A9767-812F-4619-AC3C-0008F9283B4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{226ED926-0B4F-4600-B224-459AEA0261F9}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

08-06-2020 11:46:56 Naplánovaný kontrolní bod
10-06-2020 10:57:45 Nainstalováno rozhraní DirectX
15-06-2020 16:49:31 JRT Pre-Junkware Removal
16-06-2020 23:43:55 zoek.exe restore point

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/17/2020 02:12:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11644,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/17/2020 01:02:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1844

Error: (06/17/2020 01:02:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1844

Error: (06/17/2020 01:02:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/17/2020 12:24:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1843

Error: (06/17/2020 12:24:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1843

Error: (06/17/2020 12:24:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/17/2020 12:21:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (06/17/2020 02:19:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (06/17/2020 12:24:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (06/17/2020 12:17:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/17/2020 12:17:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/17/2020 12:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/17/2020 12:17:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/17/2020 12:04:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/17/2020 12:04:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================

Date: 2020-06-17 14:25:26.596
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 14:25:25.572
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 14:25:24.793
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 14:25:24.194
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 14:25:23.857
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 14:25:23.642
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 14:25:23.633
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 14:25:23.632
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F.10 11/01/2017
Motherboard: HP 838F
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 61%
Total physical RAM: 8071.1 MB
Available physical RAM: 3084.97 MB
Total Virtual: 14727.1 MB
Available Virtual: 7792.3 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.24 GB) (Free:86.8 GB) NTFS
Drive d: (DATA) (Fixed) (Total:917.6 GB) (Free:207.62 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:13.91 GB) (Free:1.66 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{0c0595fb-1f7b-4c78-82dd-affcaa16b5bf}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{333a074c-9813-4855-96f9-ff63c4455f30}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 2CB5B8AE)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E8793BCC)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod jaro3 » 17 čer 2020 17:23

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\MountPoints2: {f41b0b89-3852-11ea-b279-e470b8d39fcc} - "F:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {69B96357-7A24-40E1-ABCD-AF0215FE2B57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-12] (Google Inc -> Google Inc.)
Task: {FFC11654-9C55-4162-8289-00D64236F95D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-12] (Google Inc -> Google Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKU\S-1-5-21-3338606067-1684232597-4108431110-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\mates\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\mates\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\mates\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [UDP Query User{0EFA25FA-4649-457F-BC30-3DBE865BA34F}C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe => No File

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Mety
Level 2.5
Level 2.5
Příspěvky: 304
Registrován: duben 12
Bydliště: Markvartovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod Mety » 17 čer 2020 17:36

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by mates (17-06-2020 17:26:32) Run:1
Running from C:\Users\mates\Desktop
Loaded Profiles: mates
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\...\MountPoints2: {f41b0b89-3852-11ea-b279-e470b8d39fcc} - "F:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {69B96357-7A24-40E1-ABCD-AF0215FE2B57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-12] (Google Inc -> Google Inc.)
Task: {FFC11654-9C55-4162-8289-00D64236F95D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-12] (Google Inc -> Google Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKU\S-1-5-21-3338606067-1684232597-4108431110-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\mates\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\mates\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\mates\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [UDP Query User{0EFA25FA-4649-457F-BC30-3DBE865BA34F}C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe => No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f41b0b89-3852-11ea-b279-e470b8d39fcc} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69B96357-7A24-40E1-ABCD-AF0215FE2B57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69B96357-7A24-40E1-ABCD-AF0215FE2B57}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFC11654-9C55-4162-8289-00D64236F95D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFC11654-9C55-4162-8289-00D64236F95D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-3338606067-1684232597-4108431110-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\mates\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\mates\Data aplikací" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\mates\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0EFA25FA-4649-457F-BC30-3DBE865BA34F}C:\users\mates\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19184788 B
Java, Flash, Steam htmlcache => 58059043 B
Windows/system/drivers => 197470 B
Edge => 0 B
Chrome => 365424616 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 11028 B
NetworkService => 11028 B
mates => 6253112 B

RecycleBin => 0 B
EmptyTemp: => 438.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:26:59 ====

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu (zpomalený notebook)

Příspěvekod jaro3 » 17 čer 2020 19:01

Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů