Jump to content

RTP Trojan - outgoing with port 137 (?)


Recommended Posts

 

Hello, my malwarebytes sometimes inform me about blocked rtp outgoing connection (trojan) from different ip to port 137. I blocked this port on my second antyvirus - eset nod32 but this still appears. 2 antyviruses can't find this trojan... scaninng, scaninng and nothing... 

somebody? please help me 🤕

-Log Details-
Protection Event Date: 8/11/20
Protection Event Time: 7:42 AM
Log File: 65fd68c2-db95-11ea-8a37-d45d64524d3b.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.1003
Update Package Version: 1.0.28303
License: Premium

-System Information-
OS: Windows 10 (Build 18362.959)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, System, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Trojan
Domain: 
IP Address: 176.221.220.7
Port: 137
Type: Outbound
File: System

(end)

or

-Log Details-
Protection Event Date: 8/11/20
Protection Event Time: 7:41 AM
Log File: 4b1e1e5c-db95-11ea-95ea-d45d64524d3b.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.1003
Update Package Version: 1.0.28303
License: Premium

-System Information-
OS: Windows 10 (Build 18362.959)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, System, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Trojan
Domain: 
IP Address: 37.232.4.190
Port: 137
Type: Outbound
File: System

(end)

 

Link to post
Share on other sites

Hello dzikimurai and welcome to Malwarebytes,

Run the following:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...

When you`ve downloaded FRST64.exe, rename it to FRST64English.exe...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Thank you,

Kevin..
Link to post
Share on other sites

4 hours ago, kevinf80 said:
Witaj dzikimurai i witaj w Malwarebytes,

uruchom następujące polecenie:

Pobierz narzędzie Farbar Recovery Scan Tool i zapisz je na pulpicie.

Alternatywna opcja pobierania: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Uwaga : Musisz uruchomić wersję kompatybilną z twoim systemem (32-bitową lub 64-bitową). Jeśli nie jesteś pewien, która wersja dotyczy Twojego systemu, pobierz obie i spróbuj je uruchomić. Tylko jeden z nich będzie działał w twoim systemie, będzie to właściwa wersja.

Jeśli również alerty bezpieczeństwa wysyłane są do FRST, zaakceptuj alert lub wyłącz zabezpieczenia, aby umożliwić uruchomienie FRST. Nie jest złośliwy ani w żaden sposób zainfekowany ...

Należy pamiętać, że FRST musi być uruchamiany z konta ze statusem administratora ...

Po pobraniu FRST64.exe zmień jego nazwę na FRST64English.exe ...
 
  • Kliknij dwukrotnie, aby go uruchomić. Gdy narzędzie się otworzy, kliknij Tak, aby zrzec się odpowiedzialności (użytkownicy systemu Windows 8/10 zostaną poproszeni o ochronę Windows SmartScreen - kliknij Więcej informacji i Uruchom).
  • Upewnij się, że Addition.txt jest zaznaczone w sekcji „Skanowania opcjonalne”
    obraz opublikowany przez użytkownika
     
  • Naciśnij przycisk Skanuj , aby uruchomić narzędzie ....
  • Spowoduje to utworzenie dziennika ( FRST.txt ) w tym samym katalogu, w którym narzędzie jest uruchamiane. Skopiuj go i wklej do swojej odpowiedzi.
  • Narzędzie utworzy również dziennik o nazwie ( Addition.txt ). Dołącz ten dziennik do swojej odpowiedzi.


Dziękuję,

Kevin ...

FRST.TXT:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2020
Ran by piter (administrator) on DESKTOP-QS6UT4F (11-08-2020 16:30:07)
Running from E:\Pobrane
Loaded Profiles: piter
Platform: Windows 10 Pro Version 1909 18363.959 (X64) Language: Polski (Polska)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe <2>
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe <2>
(Chris Andriessen) [File not signed] D:\Programy\Windows\TskBarX\TaskbarX.exe
(Cooler Master) [File not signed] C:\Program Files (x86)\AMD Wraith\Wraith Prism\Wraith Prism HID.exe
(Discord Inc. -> Discord Inc.) C:\Users\piter\AppData\Local\Discord\app-0.0.307\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <4>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\104.3.170\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> ) D:\Gry\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) D:\Gry\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Gry\Origin\OriginClientService.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Gry\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Firebit OU -> Rainmeter) D:\Programy\Windows\Rainmeter\Rainmeter.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12007.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe <2>
(Paddy Xu) C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.9.0_neutral__egxr34yet59cg\Package\QuickLook.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:\Gry\Steam\steam.exe
(WeMod LLC -> Daring Development Inc.) C:\Users\piter\AppData\Local\WeMod\app-6.3.10\resources\app.asar.unpacked\static\unpacked\auxiliary\WeModAuxiliaryService.exe
(WeMod LLC -> WeMod) C:\Users\piter\AppData\Local\WeMod\app-6.3.10\WeMod.exe <4>
(Wire Swiss GmbH -> Wire) C:\Users\piter\AppData\Local\wire\app-3.19.3731\Wire.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [961824 2019-07-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-07-31] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302392 2020-05-20] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2020-04-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7651840 2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\piter\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Wraith Prism] => C:\Program Files (x86)\AMD Wraith\Wraith Prism\Wraith Prism HID.exe [1899520 2019-05-03] (Cooler Master) [File not signed]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Run: [Steam] => D:\Gry\Steam\steam.exe [3377440 2020-07-31] (Valve -> Valve Corporation)
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-03-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Run: [Wire] => C:\Users\piter\AppData\Local\wire\update.exe [2224792 2020-08-05] (Wire Swiss GmbH -> )
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [7864296 2019-10-02] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Run: [qBittorrent] => D:\Programy\qBittorrent\qbittorrent.exe [25509376 2020-04-25] () [File not signed]
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-03-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.125\Installer\chrmstp.exe [2020-08-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-08-07]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\piter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2020-05-09]
ShortcutTarget: Rainmeter.lnk -> D:\Programy\Windows\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\Users\piter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-05-01]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026A72B5-C5B0-466A-9615-E47D8CC0ACAA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04A97500-8305-41AF-A0D5-43976CD47EEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-21] (Google LLC -> Google LLC)
Task: {060A20F2-A47E-4D73-B6B1-CC61772E9843} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {063FB173-CCEE-42D6-95E2-A7B2612FD060} - System32\Tasks\TaskbarX => D:\Programy\Windows\TskBarX\TaskbarX.exe [244736 2020-05-03] (Chris Andriessen) [File not signed]
Task: {15013557-4ACC-4F3A-9BBC-8F974DC9C2C8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F94764E-D549-4D0D-A3E1-9F012F8AB94A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {215A83AA-29CE-4488-A01D-3CD9C70F2FD7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E72561F-1CD2-402F-A35F-2B136F2C4942} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34ae80b5-ee5c-40e8-936c-cb918d3530ad} - no filepath
Task: {37a8c9ae-3ca1-4fc9-8f21-e84b1fe2731e} - no filepath
Task: {4912AA52-4703-4276-AC87-F0CFB34AC5AB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49847c8f-f07e-4021-9922-4a390d3489ee} - no filepath
Task: {4D81CA31-BA2F-4AB8-8334-1A8BC02280BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {559F50B8-00B9-4F2A-B465-9EFB66B9F6AB} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [810224 2020-05-07] (A-Volute -> Nahimic)
Task: {5bf6052b-b345-4724-b639-b29fe2dded13} - no filepath
Task: {5BFFEAE2-23DB-47BC-9DAF-4527862078FA} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1080568 2020-05-07] (A-Volute -> Nahimic)
Task: {5CC5823B-CC8B-40CA-B4BC-79066DD30E96} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [49048864 2020-03-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {61A566DD-98C1-41EA-BA10-88D3D17DE7B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-21] (Google LLC -> Google LLC)
Task: {66B18637-1969-400F-A952-35619AEEFCD8} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2020-04-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7481EEA7-B74A-432F-AEDC-D6FE1992C889} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {750A595B-60D9-4DE8-8591-FE1B96190F4A} - System32\Tasks\NahimicTask64 => C:\Windows\system32\.\NahimicSvc64.exe [1080568 2020-05-07] (A-Volute -> Nahimic)
Task: {84279027-DBE1-434D-84C9-431BC6832A99} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1729736 2020-06-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {86ABD25A-AFDE-481E-8E92-75E37E211C05} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {876D84A1-BE4E-4405-91AE-39C0C37777B2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B162ADBC-C74F-47A1-AFB9-4C5B3CBB246F} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d617f81953f1ae => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2020-04-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {B2779DE3-AA47-4557-A5B8-9742E7AFD6D7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B4F69DE4-3FB1-4FE6-BA68-07550B103FF3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE897647-1507-482B-AC69-CF95153479DC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C171DD18-0780-486B-A342-9751763AEDAA} - System32\Tasks\NahimicTask32 => C:\Windows\system32\..\SysWOW64\NahimicSvc32.exe [810224 2020-05-07] (A-Volute -> Nahimic)
Task: {D399F6FF-4D2A-4539-BE52-D62B977DD6EC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {DAF7B61D-545A-4A40-B50E-9121BF89958D} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe [60408 2020-04-23] (ASUSTeK Computer Inc. -> )
Task: {FBB1E6ED-D5EB-45C2-BD5B-5393A8F85377} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{00185990-d244-4dd7-ad05-7b00463fc6b3}: [NameServer] 1.1.1.1,208.67.222.222
Tcpip\..\Interfaces\{00185990-d244-4dd7-ad05-7b00463fc6b3}: [DhcpNameServer] 62.179.1.63 62.179.1.62
Tcpip\..\Interfaces\{71bc808d-c16c-4ff4-a3ed-3b8253baad27}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{e89bc6d4-c76c-461c-b874-e5a95e9146d0}: [DhcpNameServer] 62.179.1.63 62.179.1.62

Internet Explorer:
==================
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.pl/
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Edge: 
======
DownloadDir: E:\Pobrane
Edge Profile: C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-07]
Edge DownloadDir: E:\Pobrane
Edge HomePage: Default -> hxxp://google.pl/
Edge Extension: (Tłumacz Google) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-08-05]
Edge Extension: (lock) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dppgmdbiimibapkepcbdbmkaabgiofem [2020-08-05]
Edge Extension: (WebRTC Leak Prevent) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eiadekoaikejlgdbkbdfeijglgfdalml [2020-08-05]
Edge Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj [2020-08-05]
Edge Extension: (Nano Adblocker) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\epbkapkgcmdmfpogenoebpdeibmfinpf [2020-08-05]
Edge Extension: (Zakładki iCloud) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-08-05]
Edge Extension: (Tampermonkey) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2020-08-05]
Edge Extension: (Nano Defender Pro) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijfkmnlofajajikjhfiigelipempcklj [2020-08-05]
Edge Extension: (Decentraleyes) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2020-08-05]
Edge Extension: (Snowflake) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mafpmfcccpbjnhfhjnllmmalhifmlcie [2020-08-05]
Edge Extension: (Privacy Badger) - C:\Users\piter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mkejgcgkdlddbggjhhflekkondicpnop [2020-08-05]

FireFox:
========
FF DefaultProfile: 3f939lcb.default
FF ProfilePath: C:\Users\piter\AppData\Roaming\Mozilla\Firefox\Profiles\3f939lcb.default [2020-04-28]
FF ProfilePath: C:\Users\piter\AppData\Roaming\Mozilla\Firefox\Profiles\q9pyn4b0.default-release [2020-07-30]
FF Extension: (CanvasBlocker) - C:\Users\piter\AppData\Roaming\Mozilla\Firefox\Profiles\q9pyn4b0.default-release\Extensions\CanvasBlocker@kkapsner.de.xpi [2020-06-09]
FF Extension: (Cookie AutoDelete) - C:\Users\piter\AppData\Roaming\Mozilla\Firefox\Profiles\q9pyn4b0.default-release\Extensions\CookieAutoDelete@kennydo.com.xpi [2020-07-29]
FF Extension: (HTTPS Everywhere) - C:\Users\piter\AppData\Roaming\Mozilla\Firefox\Profiles\q9pyn4b0.default-release\Extensions\https-everywhere-eff@eff.org.xpi [2020-07-29] [UpdateUrl:hxxps://www.eff.org/files/https-everywhere-updates.json]
FF Extension: (Decentraleyes) - C:\Users\piter\AppData\Roaming\Mozilla\Firefox\Profiles\q9pyn4b0.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2020-04-28]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.107.27\npAsusUpdate3.dll [2020-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-08-11]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default [2020-08-11]
CHR DownloadDir: E:\Pobrane
CHR HomePage: Default -> hxxp://smaker.pl/przepis-sernik-z-brzoskwiniami-wg-ewy,102786.html
CHR StartupUrls: Default -> "hxxp://www.google.pl/"
CHR Extension: (Tłumacz Google) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-21]
CHR Extension: (Prezentacje) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-21]
CHR Extension: (lock) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2020-06-28]
CHR Extension: (Dokumenty) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-21]
CHR Extension: (Dysk Google) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-21]
CHR Extension: (YouTube) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-21]
CHR Extension: (Tampermonkey) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-06-25]
CHR Extension: (WebRTC Leak Prevent) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiadekoaikejlgdbkbdfeijglgfdalml [2020-04-28]
CHR Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj [2020-04-21]
CHR Extension: (Crypto Miner Blocker) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fekkecoifalagdiibmfnmjfmgmpblogb [2020-04-21]
CHR Extension: (Arkusze) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-21]
CHR Extension: (Nano Adblocker) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabbbocakeomblphkmmnoamkioajlkfo [2020-07-26]
CHR Extension: (Nano Defender) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2020-06-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-03]
CHR Extension: (Decentraleyes) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2020-07-26]
CHR Extension: (Snowflake) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafpmfcccpbjnhfhjnllmmalhifmlcie [2020-07-07]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-21]
CHR Extension: (Outlook.com) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2020-04-21]
CHR Extension: (Gmail) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-26]
CHR Extension: (Privacy Badger) - C:\Users\piter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-07-26]
CHR Profile: C:\Users\piter\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [312288 2020-07-26] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe [442416 2020-06-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2020-04-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [163176 2020-04-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [660096 2020-08-10] (ASUSTeK Computer Inc. -> ASUS)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [838760 2020-08-10] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8646752 2020-07-01] (BattlEye Innovations e.K. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44552 2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
S2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [145128 2019-06-26] (DTS, Inc. -> DTS Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2020-08-02] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-07-31] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-07-31] (ESET, spol. s r.o. -> ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-06-17] (FUTUREMARK INC -> Futuremark)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [5840360 2019-10-02] (GlassWire -> SecureMix LLC)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2977672 2020-07-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [2696432 2020-05-07] (A-Volute -> Nahimic)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 Origin Client Service; D:\Gry\Origin\OriginClientService.exe [2510136 2020-07-30] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Gry\Origin\OriginWebHelperService.exe [3462464 2020-07-30] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; D:\Gry\Rockstar Games\Launcher\RockstarService.exe [1676416 2020-07-14] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2411232 2020-07-20] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-08-06] (SteelSeries ApS -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6995800 2020-08-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMDRyzenMasterDriverV15; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [69920 2020-01-27] (Advanced Micro Devices INC. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R3 AVoluteSS3Vad; C:\Windows\System32\drivers\AVoluteSS3Vad.sys [89176 2019-09-19] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 e1rexpress; C:\Windows\System32\drivers\e1r68x64.sys [592240 2019-05-21] (Intel(R) INTELND1820 -> Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [159528 2020-07-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106640 2020-07-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2020-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [195456 2020-07-07] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [53064 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79536 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116488 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-07-07] (Malwarebytes Corporation -> Malwarebytes)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [104512 2020-08-10] (Hans Roes -> Multi Theft Auto)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216056 2020-07-29] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197264 2020-08-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-08-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-07-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131232 2020-08-10] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2020-04-24] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )
R3 sshid; C:\Windows\System32\drivers\sshid.sys [48936 2020-07-29] (SteelSeries ApS -> SteelSeries ApS)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [391392 2020-04-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-21] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\LED Sync\WinRing0\WinRing0x64.sys [14536 2017-11-16] (EVGA -> OpenLibSys.org)
S3 xhunter1; C:\Windows\xhunter1.sys [2740480 2020-08-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz149; \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys [X]
S3 GPU-Z-v2; \??\C:\Users\piter\AppData\Local\Temp\GPU-Z-v2.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-11 16:29 - 2020-08-11 16:30 - 000000000 ____D C:\FRST
2020-08-11 11:17 - 2020-08-11 11:17 - 000000000 ____D C:\Program Files\DIFX
2020-08-11 08:02 - 2020-08-11 08:02 - 000000000 ____D C:\Users\piter\Desktop\rkill
2020-08-11 08:01 - 2020-08-11 10:58 - 000002070 _____ C:\Users\piter\Desktop\Rkill.txt
2020-08-10 21:42 - 2020-08-10 21:42 - 000003112 _____ C:\Windows\system32\Tasks\NahimicTask32
2020-08-10 21:42 - 2020-08-10 21:42 - 000003092 _____ C:\Windows\system32\Tasks\NahimicTask64
2020-08-10 21:32 - 2020-08-10 22:59 - 000000000 ___HD C:\ProgramData\Dokumenty\AdobeGC
2020-08-10 19:36 - 2020-08-10 19:36 - 002740480 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2020-08-10 19:36 - 2020-08-10 19:36 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2020-08-10 17:58 - 2020-08-10 17:58 - 000131232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-08-10 17:37 - 2020-05-12 01:28 - 000020992 _____ C:\Windows\system32\Drivers\ene.sys
2020-08-10 17:29 - 2020-08-10 17:29 - 000000000 ____D C:\Program Files\Patriot
2020-08-10 17:29 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\Windows\system32\Drivers\MsIo64.sys
2020-08-07 21:09 - 2020-08-07 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-08-07 13:46 - 2020-08-07 13:46 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2020-08-07 13:46 - 2020-08-07 13:46 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2020-08-07 13:46 - 2020-08-07 13:46 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2020-08-07 13:46 - 2020-08-07 13:46 - 000044552 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2020-08-07 10:50 - 2020-08-11 11:40 - 000000000 ____D C:\Users\piter\Desktop\fds
2020-08-06 19:33 - 2020-08-06 19:33 - 000157367 _____ C:\Users\piter\Desktop\piotr-p-cv-kowski-fortun.pdf
2020-08-04 18:24 - 2020-08-04 18:24 - 000000203 _____ C:\Users\piter\Desktop\Counter-Strike Source.url
2020-08-03 17:57 - 2020-08-03 17:57 - 000000407 _____ C:\Users\piter\Desktop\odblokuj_nowe_menustart_windows10.zip
2020-08-03 11:58 - 2020-08-03 11:58 - 000197264 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-08-03 11:58 - 2020-08-03 11:58 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-08-03 10:14 - 2020-08-03 10:14 - 000000000 ___SH C:\Users\Public\Shared Files
2020-08-03 10:07 - 2020-08-03 10:07 - 000000000 ____D C:\Users\piter\AppData\Local\FortniteGame
2020-08-02 22:54 - 2020-08-11 07:21 - 000000000 ___RD C:\Users\piter\iCloudDrive
2020-08-02 22:54 - 2020-08-02 22:54 - 000000000 ____D C:\Users\piter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-08-02 21:20 - 2020-07-29 21:08 - 000305376 _____ (SteelSeries) C:\Windows\system32\engineco.dll
2020-08-02 21:20 - 2020-07-29 21:08 - 000048936 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\sshid.sys
2020-08-02 21:05 - 2020-08-02 21:05 - 000000205 _____ C:\Users\piter\Desktop\AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome.url
2020-07-30 18:21 - 2020-07-30 18:21 - 000000694 _____ C:\Users\piter\Desktop\torrjaj.txt
2020-07-29 20:59 - 2020-07-29 20:59 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-07-29 20:59 - 2020-07-29 20:59 - 000216056 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-07-29 01:20 - 2020-07-29 01:20 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-07-29 00:23 - 2020-07-29 00:23 - 000000000 ____D C:\Users\piter\AppData\Local\GIANTSPackageRegistry
2020-07-29 00:23 - 2020-07-29 00:23 - 000000000 ____D C:\Users\piter\AppData\Local\GIANTS Editor 64bit 8.2.0
2020-07-29 00:23 - 2020-07-29 00:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIANTS Software
2020-07-29 00:23 - 2020-07-29 00:23 - 000000000 ____D C:\Program Files\GIANTS Software
2020-07-28 11:13 - 2020-07-28 11:13 - 000179840 _____ C:\Users\piter\Desktop\piotr-p-cv-kowski.pdf
2020-07-27 22:07 - 2020-07-27 22:07 - 000001772 _____ C:\Users\piter\Desktop\NordVPN.lnk
2020-07-27 22:07 - 2020-07-27 22:07 - 000000000 ____D C:\ProgramData\NordVPN
2020-07-27 22:07 - 2020-07-27 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\NordSec
2020-07-27 22:07 - 2020-07-27 22:07 - 000000000 ____D C:\Program Files\NordVPN
2020-07-27 22:07 - 2020-07-10 15:32 - 000038608 _____ (TEFINCOM S.A.) C:\Windows\system32\Drivers\nordlwf.sys
2020-07-26 22:22 - 2020-07-26 22:22 - 000000000 ____D C:\Users\piter\Dokumenty\Polymorph Games
2020-07-26 22:22 - 2020-07-26 22:22 - 000000000 ____D C:\Users\piter\AppData\Local\CrashRpt
2020-07-26 22:20 - 2020-07-26 22:20 - 000000206 _____ C:\Users\piter\Desktop\Foundation.url
2020-07-26 20:18 - 2020-07-26 20:18 - 002510856 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 025902592 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 022641664 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 019851776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 018031104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 008015872 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 007823912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 007269376 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 007012864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 006523856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 006292992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 006089512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 005765648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 005099384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 004129424 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 003743048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 002799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-07-26 20:16 - 2020-07-26 20:16 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001991592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001952880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001737728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001665728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001655472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001581568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001477632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001463808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001420328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001397568 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 001357824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001346048 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001307136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001284608 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001265152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001195008 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001125376 _____ (Microsoft Corporation) C:\Windows\system32\CBDHSvc.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 001014784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 001009152 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000995840 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000967680 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000945176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000898048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000895600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000891392 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000814080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000783488 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000779080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000750080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000689664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000685384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000673448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000614912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000584704 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000542288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000538664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000484352 _____ (Microsoft Corporation) C:\Windows\system32\MixedReality.Broker.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000467456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000453944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000442096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000432128 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000419328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000416768 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000406992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000406992 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000405944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000388096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000380224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000345560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-07-26 20:16 - 2020-07-26 20:16 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnclient.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PickerPlatform.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000268552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConsoleLogon.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.CredDialogController.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\HoloShellRuntime.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2020-07-26 20:16 - 2020-07-26 20:16 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2020-07-26 20:16 - 2020-07-26 20:16 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\DiagSvc.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000199496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000196096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000193600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000190056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000188928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000188928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2020-07-26 20:16 - 2020-07-26 20:16 - 000186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\dialserver.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Clipboard.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000176952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Management.Workplace.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CapabilityAccessManagerClient.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000150336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintWorkflowService.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintWSDAHost.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EaseOfAccessDialog.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000089328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DiagnosticInvoker.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiverExt.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Print.Workflow.Source.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiverExt.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintWorkflowProxy.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\RemoteFXvGPUDisablement.exe
2020-07-26 20:16 - 2020-07-26 20:16 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-07-26 20:16 - 2020-07-26 20:16 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-07-26 20:15 - 2020-07-26 20:15 - 017792512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 014820352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 009931576 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 007917408 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 007850288 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 007297536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 007268640 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 006437376 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 006233080 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 006169088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 005946368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 005111808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 004625192 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 004565264 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 004014592 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 003980800 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 003974368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 003800576 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 003748352 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 003727360 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-07-26 20:15 - 2020-07-26 20:15 - 003712000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002768984 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002737664 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-07-26 20:15 - 2020-07-26 20:15 - 002576896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002552120 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002505496 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002467840 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002448712 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002357248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002285056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002264064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002237096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002161664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002087168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002074112 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001946144 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001877504 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001827328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001821696 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001787392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001745728 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001723392 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001658368 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001654304 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001640448 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001604608 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001550336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001540608 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001512960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001500160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001486848 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001392128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001385696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001374208 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001337856 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001335296 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001290192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001284608 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001271296 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrSvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001183744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001159168 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001151304 _____ (Microsoft Corporation) C:\Windows\system32\InputHost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001100800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001086776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001081344 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001059840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001055232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001048992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001028336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Perception.Stub.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001008960 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 001007616 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000958608 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000950272 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000949760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000931840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000922624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000919880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000917504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000913408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000904192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000892928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000889416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000882184 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000882176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000867840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000844096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000822200 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000821232 _____ (Microsoft Corporation) C:\Windows\system32\windows.applicationmodel.datatransfer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000797448 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000793320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputHost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000778872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000750592 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000742712 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000737792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntime.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000716288 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntimewindows.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000695208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\LockController.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000684864 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000678720 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000656696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2020-07-26 20:15 - 2020-07-26 20:15 - 000651264 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000639488 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000630784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000628416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000628024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000614912 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000608256 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000605896 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000602112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000594992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000582056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-07-26 20:15 - 2020-07-26 20:15 - 000549048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000526848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000524784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000522240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000518464 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000513024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000513024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000502784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000490496 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000478296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000467960 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000467456 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000458240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000432128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000419328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000416768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000412672 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000411640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000399672 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DataModel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000397824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000395264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000392504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000381152 _____ (Microsoft Corporation) C:\Windows\system32\CredentialEnrollmentManager.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\PickerPlatform.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\QuickActionsDataModel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\wpnclient.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000340328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000335360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Cortana.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000311608 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000311440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.CredDialogController.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000290304 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000287744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Preview.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000283136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000266552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemSettings.DataModel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2020-07-26 20:15 - 2020-07-26 20:15 - 000260288 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\PasswordEnrollmentManager.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000247864 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000239928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Workplace.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.CapturePicker.Desktop.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000220992 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\MtcModel.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\PeopleBand.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\useractivitybroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000204608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2020-07-26 20:15 - 2020-07-26 20:15 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\AarSvc.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-07-26 20:15 - 2020-07-26 20:15 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\PrintWorkflowService.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\AppExtension.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.CapturePicker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000165840 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000165376 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\useractivitybroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000146232 _____ (Microsoft Corporation) C:\Windows\system32\ResourcePolicyServer.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppExtension.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Storage.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingExperienceMEM.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\CredDialogBroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\CaptureService.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\EaseOfAccessDialog.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000110040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\Family.Authentication.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticInvoker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000086272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\SystemUWPLauncher.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Print.Workflow.Source.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000076952 _____ (Microsoft Corporation) C:\Windows\system32\CredentialEnrollmentManagerForUser.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000070248 _____ (Microsoft Corporation) C:\Windows\system32\ResourcePolicyClient.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemUWPLauncher.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000052152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ResourcePolicyClient.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000040248 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkPS.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\UIMgrBroker.exe
2020-07-26 20:15 - 2020-07-26 20:15 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerClient.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\PrintWorkflowProxy.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemEventsBrokerClient.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\UIManagerBrokerps.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-07-26 20:15 - 2020-07-26 20:15 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2020-07-26 20:09 - 2020-06-30 06:32 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-07-26 20:09 - 2020-06-30 06:26 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-07-26 20:02 - 2020-07-07 17:47 - 001780952 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-07-26 20:02 - 2020-07-07 17:47 - 001780952 _____ C:\Windows\system32\vulkaninfo.exe
2020-07-26 20:02 - 2020-07-07 17:47 - 001371352 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-07-26 20:02 - 2020-07-07 17:47 - 001371352 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-07-26 20:02 - 2020-07-07 17:47 - 001086680 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-07-26 20:02 - 2020-07-07 17:47 - 001086680 _____ C:\Windows\system32\vulkan-1.dll
2020-07-26 20:02 - 2020-07-07 17:47 - 000946392 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-07-26 20:02 - 2020-07-07 17:47 - 000946392 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-07-26 20:02 - 2020-07-07 17:47 - 000456600 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-07-26 20:02 - 2020-07-07 17:47 - 000349936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-07-26 20:02 - 2020-07-07 17:46 - 000674016 _____ C:\Windows\system32\nvofapi64.dll
2020-07-26 20:02 - 2020-07-07 17:46 - 000541928 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 006652824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 005883288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 003901680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 002367728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 002076568 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 001569688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 001486736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 001146256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 001017744 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 000816360 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 000812440 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 000670608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 000655600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 000581864 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-07-26 20:02 - 2020-07-07 17:45 - 000555920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-07-26 20:02 - 2020-07-07 17:45 - 000444824 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-07-26 20:02 - 2020-07-07 17:44 - 005399816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-07-26 20:02 - 2020-07-07 17:44 - 004716176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-07-26 20:02 - 2020-07-07 17:44 - 000849648 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-07-26 20:02 - 2020-07-06 02:40 - 000078796 _____ C:\Windows\system32\nvinfo.pb
2020-07-26 19:59 - 2020-07-26 19:59 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-07-26 19:59 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-26 19:59 - 2020-06-23 16:20 - 002754024 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-07-26 19:59 - 2020-06-23 16:20 - 002122216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-07-26 19:59 - 2020-03-04 14:54 - 001804784 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2020-07-26 19:59 - 2020-03-04 14:54 - 000050592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-11 16:30 - 2020-04-24 23:10 - 000000000 ____D C:\Users\piter\AppData\Roaming\Origin
2020-08-11 16:29 - 2020-04-25 02:20 - 000000000 ____D C:\Users\piter\AppData\LocalLow\IGDump
2020-08-11 16:28 - 2020-04-21 21:08 - 000000000 ____D C:\Users\piter\AppData\Roaming\Wire
2020-08-11 16:00 - 2020-04-21 18:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-08-11 15:59 - 2020-04-23 17:28 - 000000000 ____D C:\Users\piter\AppData\Roaming\discord
2020-08-11 14:48 - 2020-04-21 20:56 - 000000000 ____D C:\Users\piter\AppData\Local\D3DSCache
2020-08-11 14:48 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-11 13:19 - 2020-04-22 10:19 - 000000000 ____D C:\Users\piter\AppData\Local\CrashDumps
2020-08-11 12:47 - 2020-07-08 14:53 - 000000000 ____D C:\Users\piter\AppData\Roaming\WeMod
2020-08-11 12:46 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\NDF
2020-08-11 12:25 - 2020-04-21 18:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-11 11:26 - 2020-04-21 18:12 - 001769484 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-11 11:26 - 2019-03-19 14:24 - 000784752 _____ C:\Windows\system32\perfh015.dat
2020-08-11 11:26 - 2019-03-19 14:24 - 000152550 _____ C:\Windows\system32\perfc015.dat
2020-08-11 11:26 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-08-11 11:16 - 2020-04-22 13:08 - 000000000 ____D C:\Users\piter\AppData\Local\ElevatedDiagnostics
2020-08-11 09:56 - 2020-04-21 18:49 - 000000000 ____D C:\Users\piter\AppData\Roaming\vlc
2020-08-11 09:21 - 2020-04-24 23:10 - 000000000 ____D C:\Users\piter\AppData\Local\Origin
2020-08-11 09:21 - 2020-04-24 23:10 - 000000000 ____D C:\ProgramData\Origin
2020-08-11 08:50 - 2020-05-15 23:38 - 000000000 ____D C:\Users\piter\AppData\Roaming\qBittorrent
2020-08-11 00:31 - 2020-04-21 18:11 - 000000000 ____D C:\Users\piter
2020-08-11 00:12 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-11 00:12 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-08-10 22:59 - 2020-06-24 19:27 - 000000000 ___HD C:\ProgramData\Dokumenty\AdobeGCData
2020-08-10 22:48 - 2020-04-21 18:42 - 000002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-10 21:41 - 2020-04-21 18:06 - 000877320 _____ C:\Windows\system32\wpbbin.exe
2020-08-10 21:41 - 2020-04-21 18:06 - 000838760 _____ C:\Windows\system32\AsusUpdateCheck.exe
2020-08-10 21:41 - 2020-04-21 18:06 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-10 18:19 - 2020-04-23 17:28 - 000000000 ____D C:\Users\piter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-08-10 18:19 - 2020-04-23 17:28 - 000000000 ____D C:\Users\piter\AppData\Local\Discord
2020-08-10 17:57 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-08-10 17:56 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-08-10 17:54 - 2020-05-25 20:08 - 000000000 ____D C:\Users\piter\AppData\Roaming\Apple Computer
2020-08-10 17:38 - 2020-04-21 18:16 - 000000000 ____D C:\Program Files\ASUS
2020-08-10 17:38 - 2020-04-21 18:15 - 000000000 ____D C:\ProgramData\Package Cache
2020-08-10 17:38 - 2020-04-21 18:15 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-08-10 17:38 - 2020-04-21 18:06 - 000000000 ____D C:\ProgramData\ASUS
2020-08-10 17:28 - 2020-04-21 18:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-08-10 17:28 - 2020-04-21 18:15 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2020-08-10 17:28 - 2020-04-21 18:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-07 21:09 - 2020-04-22 00:32 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-08-07 09:30 - 2020-04-21 18:17 - 000000000 ____D C:\Program Files (x86)\LightingService
2020-08-06 09:39 - 2020-04-21 18:13 - 000000000 ____D C:\Users\piter\AppData\Local\Packages
2020-08-05 17:57 - 2020-04-27 00:10 - 000000000 ____D C:\Users\piter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-08-05 17:44 - 2020-05-12 13:28 - 000000000 ____D C:\Users\piter\AppData\Local\GameAnalytics
2020-08-05 16:08 - 2020-05-10 14:16 - 000000000 ____D C:\Users\piter\AppData\Local\wire
2020-08-03 12:36 - 2020-04-22 23:02 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-08-03 11:58 - 2020-06-09 13:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-03 11:58 - 2020-04-28 00:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-08-03 10:14 - 2019-03-19 06:52 - 000000000 __SHD C:\Users\Public\Libraries
2020-08-03 10:08 - 2020-04-21 18:35 - 000000000 ____D C:\Users\piter\AppData\Local\NVIDIA Corporation
2020-08-03 10:07 - 2020-04-23 10:39 - 000000000 ____D C:\Users\piter\AppData\Local\UnrealEngine
2020-08-02 22:54 - 2020-05-25 21:36 - 000000000 ____D C:\Users\piter\AppData\Local\Apple Inc
2020-07-30 23:40 - 2020-04-28 00:32 - 000000000 ____D C:\Users\piter\AppData\LocalLow\Mozilla
2020-07-30 10:35 - 2020-04-22 12:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-07-30 10:34 - 2020-04-22 12:44 - 000000000 ____D C:\Program Files\Rockstar Games
2020-07-29 01:20 - 2020-04-28 00:32 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-27 23:51 - 2020-04-21 18:41 - 000000000 ____D C:\ProgramData\A-Volute
2020-07-27 22:07 - 2020-04-28 00:31 - 000000000 ____D C:\Users\piter\AppData\Local\NordVPN
2020-07-27 08:53 - 2020-04-22 00:48 - 000000000 ____D C:\Program Files\SteelSeries
2020-07-27 08:51 - 2020-04-23 01:23 - 000000000 ___RD C:\Users\piter\3D Objects
2020-07-27 08:51 - 2020-04-21 18:06 - 000281776 _____ C:\Windows\system32\FNTCACHE.DAT
2020-07-27 08:50 - 2020-04-22 00:32 - 000001182 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-27 08:50 - 2020-04-22 00:32 - 000001178 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-27 08:50 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-07-27 08:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
2020-07-27 08:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\oobe
2020-07-27 08:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-07-27 08:50 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
2020-07-27 08:50 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-26 22:22 - 2020-04-21 18:11 - 000000000 ___RD C:\Users\piter\Dokumenty
2020-07-26 20:07 - 2020-04-22 00:32 - 000004242 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-26 20:07 - 2020-04-22 00:32 - 000004010 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-26 19:59 - 2020-04-21 18:34 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-07-26 19:59 - 2020-04-21 18:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-07-26 19:59 - 2020-04-21 18:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation

==================== Files in the root of some directories ========

2020-05-12 18:58 - 2020-05-12 18:58 - 000000081 _____ () C:\Users\piter\AppData\Roaming\debug.log
2020-07-07 18:19 - 2020-07-07 18:19 - 000001496 _____ () C:\Users\piter\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs
2020-05-04 17:04 - 2020-05-04 17:04 - 000000291 _____ () C:\Users\piter\AppData\Local\ledConfiguration.config
2020-05-04 17:05 - 2020-05-04 17:05 - 000000737 _____ () C:\Users\piter\AppData\Local\NvidiaLEDVisualizer.config
2020-06-24 19:25 - 2020-06-24 19:25 - 000000410 _____ () C:\Users\piter\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2020
Ran by piter (11-08-2020 16:31:02)
Running from E:\Pobrane
Windows 10 Pro Version 1909 18363.959 (X64) (2020-04-21 16:08:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1489700858-2589907274-1545136375-500 - Administrator - Disabled)
Gość (S-1-5-21-1489700858-2589907274-1545136375-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-1489700858-2589907274-1545136375-503 - Limited - Disabled)
piter (S-1-5-21-1489700858-2589907274-1545136375-1001 - Administrator - Enabled) => C:\Users\piter
WDAGUtilityAccount (S-1-5-21-1489700858-2589907274-1545136375-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Zapora (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ADATA SSD ToolBox version 3.0.11 (HKLM-x32\...\{C0991D3E-8786-48E7-A5DB-57FBACB0A03A}_is1) (Version: 3.0.11 - ADATA, Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_5) (Version: 17.0.5 - Adobe Systems Incorporated)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_6) (Version: 13.0.6 - Adobe Inc.)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_1_1) (Version: 24.1.1 - Adobe Systems Incorporated)
Adobe InDesign 2020 (HKLM-x32\...\IDSN_15_0_2) (Version: 15.0.2 - Adobe Systems Incorporated)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_4) (Version: 14.0.4 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_2) (Version: 21.1.2 - Adobe Systems Incorporated)
AIDA64 Extreme v6.20 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.20 - FinalWire Ltd.)
Aktualizacje NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
All MB (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 1.02.10 - ASUSTek Computer Inc.)
AltServer (HKLM-x32\...\{6CC7EBC1-2C38-4717-B13D-CB0A478552EF}) (Version: 1.3.2 - Riley Testut)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.30.28 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{6f87e20b-2c1c-4788-9380-541e79886292}) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.) Hidden
Aplikacja na pulpit firmy Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
Apple Application Support (32-bit) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 3.0.4 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.11.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{2c89afc7-34f1-46a8-99a8-ededb99eb20f}) (Version: 1.1.11.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{c1fab792-fdc8-4343-aa29-cae3af29ce76}) (Version: 1.0.23 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.66 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{f96df338-98e2-44e4-ab84-adcf722e48e7}) (Version: 1.0.66 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.53 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{5c465d6f-1288-415a-946e-b6ecf1b1a30c}) (Version: 0.0.2.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{ae62c209-3c0a-4062-b1dd-7f31e7a07a49}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{CB0E3BB6-3F2F-401E-B1D4-E23C582ACB11}) (Version: 1.0.4.5 - ASUSTek COMPUTER INC.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.27 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.48 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{95c37d21-77e3-4b72-9e0e-7ba93e636dde}) (Version: 1.0.48 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.11 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.11 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.15 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{409f323b-0865-4c82-8161-a444b1f3f709}) (Version: 3.04.15 - ASUSTeK Computer Inc.)
Autodesk 3ds Max 2021 (HKLM\...\{35156605-CE91-4AF6-8207-56211CB30369}) (Version: 23.0.0.915 - Autodesk, Inc.)
Autodesk 3ds Max 2021 (HKLM\...\{91A3588B-1DB9-428B-A176-A53115C6199F}) (Version: 23.0.0.915 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{C9FDA270-A0B9-45EE-8748-F37DF1370767}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2021 (HKLM-x32\...\{AB7DC10F-1D72-4F90-988F-CDC2D6323A48}) (Version: 19.1.23.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2021 (HKLM-x32\...\{B4545986-9002-4090-9E58-44F985F2FF4F}) (Version: 19.1.23.0 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.8412 - Autodesk, Inc.)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{8C559572-4A10-43C2-9346-6E7C7E012487}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{EFC36459-CD89-44F3-BA04-B7C5804199AF}) (Version: 19.1.23.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2021 (HKLM-x32\...\{69D8FFED-B14E-4998-BBC2-535006E195D6}) (Version: 19.1.23.0 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{7F0FE09D-E25D-4C59-A1AA-DB17153FC353}) (Version: 11.3.0.1803 - Autodesk)
Balanced (HKLM-x32\...\{24819F88-1B0B-4808-9982-5DC9C4AC7FA6}) (Version: 5.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.63.26518 - Electronic Arts)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.62.9 - Bethesda Softworks)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 104.3.170 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.337.1 - Dropbox, Inc.) Hidden
DZSALauncher version 0.0.4.8 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.4.8 - Maca134)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.23.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{1ed73932-bb1f-42f9-b276-d10182a64b07}) (Version: 1.1.23.0 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{39D848C4-F441-470F-8FAB-51D60946D35B}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{0C3F76CB-98AA-49B1-9B72-CD040E3E17E8}) (Version: 13.2.16.0 - ESET, spol. s r.o.)
Fallout 76 (HKLM-x32\...\Fallout 76) (Version:  - Bethesda Softworks)
Futuremark SystemInfo (HKLM-x32\...\{4738FDE3-3763-4E2E-A8FC-65E2DC138B7C}) (Version: 5.29.839.0 - Futuremark)
GIANTS Editor 8.2.0 64-bit (HKLM-x32\...\giants_editor_8.2.0_win64_is1) (Version: 8.2.0 - GIANTS Software GmbH)
GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.167 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.125 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.0.0.22 - Rockstar Games)
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
iCloud (HKLM\...\{A3616230-EF97-44F3-83D3-1AE29DC639D3}) (Version: 7.18.0.22 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
iTunes (HKLM\...\{2C371A0D-A895-4F25-A600-C84C6711701E}) (Version: 12.10.7.3 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{e5d9f7b7-590f-42bf-8068-23e9a16c58fb}) (Version: 1.0.26 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LED Sync (HKLM-x32\...\{D10D6F85-907E-4F37-8E30-C17F6BC57813}) (Version: 1.1.0 - EVGA)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.20.329 - Logitech)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft Teams (HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 78.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 78.0.1 (x64 pl)) (Version: 78.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
MTA:SA v1.5.7 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.7 - Multi Theft Auto)
Node.js (HKLM\...\{B33A4494-0730-4755-8F69-EC9BB86BA367}) (Version: 12.16.2 - Node.js Foundation)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.7 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.79.42672 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive)
Patriot Viper DRAM RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.0.8.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{ecc0c116-9518-483f-9c93-a57a89253188}) (Version: 1.0.8.2 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.0.5.1 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{3dac46db-9b14-478d-832c-0057bf8d149a}) (Version: 1.0.5.1 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.2.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{69f528f4-31b2-49ad-b881-879068592acf}) (Version: 1.0.2.0 - PHISON Electronics Corp.) Hidden
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3.1 r3321 - Rainmeter)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8751.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.26.268 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.6.1 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.2.0 - ASUSTek COMPUTER INC.)
SnowRunner A MudRunner Game MULTi12 - ElAmigos wersja 4.7 (HKLM-x32\...\{1CBB2A79-6B10-45D4-8F6E-4A1C3CD9B84A}_is1) (Version: 4.7 - cus Home Interactive)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.18.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.3 - SteelSeries ApS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
W10Privacy (HKLM-x32\...\W10Privacy) (Version: 3.4.0.2 - Bernd Schuster)
WeMod (HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\WeMod) (Version: 6.3.10 - WeMod)
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB  (03/07/2013 2.4.0.0) (HKLM\...\FB6346ABC58E926B03FC05975B4A9232E5FD8F1D) (Version: 03/07/2013 2.4.0.0 - Cambridge Silicon Radio Ltd.)
WinRAR 5.80 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Wire (HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\...\wire) (Version: 3.19.3731 - Wire)
Wraith Prism Settings software (HKLM-x32\...\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_COOLER_MASTER_SR4) (Version: 1.18 - AMD Wraith)

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_3.0.4.0_x64__qmba6cd70vzyy [2020-07-26] (ASUSTeK COMPUTER INC.)
Fluent Terminal -> C:\Program Files\WindowsApps\53621FSApps.FluentTerminal_0.7.0.0_x64__zzw7cgfsy6dd6 [2020-05-18] (FS Apps) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-06-01] (HP Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_18.8.500.0_x64__4n2hpmxwrvr6p [2020-08-03] (XBMC Foundation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation) [MS Ad]
MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-21] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-23] (NVIDIA Corp.)
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.9.0_neutral__egxr34yet59cg [2020-05-26] (Paddy Xu) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.185.0_x64__dt26b99r8h8gj [2020-04-21] (Realtek Semiconductor Corp)
Sonic Radar 3 -> C:\Program Files\WindowsApps\A-Volute.28054DF1F58B4_3.16.11.0_x64__w2gh52qy24etm [2020-07-27] (A-Volute)
Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.11.0_x64__w2gh52qy24etm [2020-07-27] (A-Volute)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0 [2020-08-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1489700858-2589907274-1545136375-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\piter\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1489700858-2589907274-1545136375-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\piter\AppData\Local\Autodesk\webdeploy\production\1f559bb8ae333199306b5c4f1fe680c6eb7ab9e0\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-1489700858-2589907274-1545136375-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\piter\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1489700858-2589907274-1545136375-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => E:\Inne\!DANE\Dropbox [2020-04-22 00:36]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-06-05] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-03-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.44.0.dll [2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvshext.dll [2020-07-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\piter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> -enable-features=darkMode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> -enable-features=darkMode

==================== Loaded Modules (Whitelisted) =============

2020-02-27 17:05 - 2020-02-27 17:05 - 000148992 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi\build\Release\ffi_bindings.node
2020-02-27 17:05 - 2020-02-27 17:05 - 000138752 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref\build\Release\binding.node
2015-03-17 06:34 - 2015-03-17 06:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pl_pl\AcroTray.pol
2020-05-04 16:26 - 2018-03-11 14:13 - 000082944 _____ () [File not signed] C:\Program Files (x86)\AMD Wraith\Wraith Prism\HidDevice.dll
2020-08-10 17:28 - 2019-12-23 18:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2020-08-10 17:28 - 2019-06-26 16:07 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\MacroControl.dll
2020-02-27 17:05 - 2020-02-27 17:05 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-05-26 23:39 - 2020-05-26 23:39 - 000163328 _____ () [File not signed] C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.9.0_neutral__egxr34yet59cg\Package\QuickLook.Native64.dll
2020-05-26 23:39 - 2020-05-26 23:39 - 002422272 _____ () [File not signed] C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.9.0_neutral__egxr34yet59cg\Package\QuickLook.Plugin\QuickLook.Plugin.ImageViewer\exiv2-ql-64.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000015360 _____ () [File not signed] D:\Gry\Origin\libEGL.DLL
2020-08-07 12:01 - 2020-07-08 09:17 - 003090944 _____ () [File not signed] D:\Gry\Origin\libGLESv2.dll
2020-03-06 06:11 - 2020-03-06 06:11 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pl_pl\Acrobat Elements\ContextMenuShim64.pol
2020-02-25 16:59 - 2020-02-25 16:59 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2020-08-10 17:28 - 2019-10-24 11:15 - 002676736 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2020-05-09 13:46 - 2020-04-18 12:06 - 000329728 _____ (Microsoft Corporation) [File not signed] D:\Programy\Windows\TskBarX\oleacc.DLL
2020-08-07 12:01 - 2020-07-08 09:17 - 000002560 _____ (The ICU Project) [File not signed] D:\Gry\Origin\icudt58.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 001252864 _____ (The ICU Project) [File not signed] D:\Gry\Origin\icuuc58.dll
2020-08-10 17:28 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2020-08-10 17:28 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Gry\Origin\LIBEAY32.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Gry\Origin\ssleay32.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000030208 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\imageformats\qgif.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000032768 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\imageformats\qico.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000256512 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\imageformats\qjpeg.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000026112 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\imageformats\qtga.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000305152 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\imageformats\qtiff.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000025600 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\imageformats\qwbmp.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000278016 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\mediaservice\dsengine.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\platforms\qwindows.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Core.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Gui.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000709120 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Multimedia.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Network.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000207360 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Positioning.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000310272 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5PrintSupport.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 003513344 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Qml.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 003390976 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Quick.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000068096 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5QuickWidgets.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000045568 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5TextToSpeech.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000116224 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5WebChannel.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 054071296 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5WebEngineCore.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000211456 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5WebEngineWidgets.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000146432 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5WebSockets.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Widgets.dll
2020-08-07 12:01 - 2020-07-08 09:17 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Gry\Origin\Qt5Xml.dll
2020-08-10 17:28 - 2019-07-31 14:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Protocol\Interrupt\InterruptTransfer.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [982]
AlternateDataStreams: C:\Users\piter\Dane aplikacji:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\piter\Dane aplikacji:NT [40]
AlternateDataStreams: C:\Users\piter\Dane aplikacji:NT2 [982]
AlternateDataStreams: C:\Users\piter\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\piter\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\piter\AppData\Roaming:NT2 [982]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-06-25 00:50 - 000000906 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\nodejs\;C:\Program Files\Common Files\Autodesk Shared\;C:\ProgramData\chocolatey\bin;
HKU\S-1-5-21-1489700858-2589907274-1545136375-1001\Control Panel\Desktop\\Wallpaper -> d:\inne\!dane\tapeta\qi-bin-w4hbafegiac-unsplash.jpg
DNS Servers: 1.1.1.1 - 208.67.222.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
NordVPN: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AB36AD6F-3EAC-4499-BFF7-1424EBDC51F9}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{1A04896A-1FF9-473C-992D-D06BFE03032A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{7B5E5FC9-08C1-40BA-9983-EF10C3D522B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48FD4FD1-0D37-4C4E-AE90-EFEDE40173C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8B48B164-8982-4AF6-AE2A-0809B2614060}C:\users\piter\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\piter\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [UDP Query User{C79C7BE7-EA11-4710-88A9-15CD5122011F}C:\users\piter\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\piter\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{BAA32E24-8576-492E-8BED-03583DD5551D}] => (Allow) D:\Gry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DB70700E-BA93-4563-B3F1-EEB534CD0A36}] => (Allow) D:\Gry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3F10EB46-560F-4F44-8B2C-698D624D59A3}] => (Allow) D:\Gry\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{A245B60B-65A8-401E-B48E-0870F5585433}] => (Allow) D:\Gry\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{A7B0B523-9508-4370-A273-5C0501B4AB88}] => (Block) C:\Windows\systemapps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{95E90EDE-0F1D-41BC-8CB6-F41639593795}] => (Allow) D:\Gry\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{E7D30C2D-F17D-4B51-B011-DDCD30156FF8}] => (Allow) D:\Gry\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [TCP Query User{F31AC9EA-B0F0-4AC5-902E-E693EC8FBC20}D:\programy\vlc\vlc.exe] => (Allow) D:\programy\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8AD56178-FD41-41FC-889D-5599D73AD09D}D:\programy\vlc\vlc.exe] => (Allow) D:\programy\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{21E16D0E-642F-40D4-9155-4F7A3F264548}] => (Allow) D:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{37B99DD9-80D2-4280-A724-1174C5F1B311}] => (Allow) D:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{1F52AE20-F09D-48CD-9081-A8C3E01A76C9}] => (Allow) D:\Gry\Steam\steamapps\common\Tabletopia\Tabletopia.exe () [File not signed]
FirewallRules: [{8CEDF61F-3E63-474F-8803-839961867F1B}] => (Allow) D:\Gry\Steam\steamapps\common\Tabletopia\Tabletopia.exe () [File not signed]
FirewallRules: [{F51FFF5C-CBBC-40C7-B8C3-1B0BEA0BABD0}] => (Allow) D:\Gry\Steam\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{AEFC2817-E892-4E53-8F72-6F6431E59C19}] => (Allow) D:\Gry\Steam\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{2E7630B0-29E5-4321-B29D-1FE8D4E4CA89}] => (Allow) D:\Gry\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0A63B562-2C04-4C6E-8DEF-65F8A2A56B0F}] => (Allow) D:\Gry\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{470EE553-DEC1-4BE7-878D-41486716B022}] => (Allow) D:\Gry\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C3B89DB5-4EA1-4BE0-A86B-450F7D893C40}] => (Allow) D:\Gry\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{DA4C0CC0-86A7-495E-A2B0-71C4D8CD5AB6}] => (Allow) D:\Gry\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{AA044786-A452-4715-AE0A-EBECB0312F72}] => (Allow) D:\Gry\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7FD9FB32-1F6A-4AC0-920E-58E8357A664B}] => (Allow) D:\Gry\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{64668652-0815-4CBD-896E-FC7DA8B16BC9}] => (Allow) D:\Gry\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{F953A97E-2441-47A9-8E77-7536FB18A7D1}] => (Allow) D:\Gry\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{610985C8-4889-4425-8C30-D62C6743FD75}] => (Allow) D:\Gry\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B3D66B55-F88A-42D8-B4F3-09B8B43CD1CE}] => (Allow) D:\Gry\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{1AFC0A8A-3C31-4EA4-9D3F-80CFB5D072E9}] => (Allow) D:\Gry\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{EF30FC34-5D0A-4A1F-B9F0-EBA3EB78FBEC}] => (Allow) D:\Gry\Steam\steamapps\common\DayZ\DayZ_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{02CDE1F1-4FC6-4CC5-9B9F-6B3D2CDF3ED6}] => (Allow) D:\Gry\Steam\steamapps\common\DayZ\DayZ_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{B84F9D28-0364-40F3-90EB-00F458B2FF68}] => (Allow) D:\Gry\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe (EVGA Corp. -> EVGA Co., Ltd.)
FirewallRules: [{B6A0E318-80AA-418E-A86D-2DA0A7813579}] => (Allow) D:\Gry\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe (EVGA Corp. -> EVGA Co., Ltd.)
FirewallRules: [{3B52E3E5-0D2D-4641-A51F-70F7592529F6}] => (Allow) D:\Gry\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe (EVGA Corp. -> EVGA Co., Ltd.)
FirewallRules: [{DFEA754B-E516-4747-8427-E49DC31667F5}] => (Allow) D:\Gry\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe (EVGA Corp. -> EVGA Co., Ltd.)
FirewallRules: [{B31A01B1-84C0-48FA-9DB8-A64BF302142F}] => (Allow) D:\Gry\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{30767643-68E6-4A66-A0D7-028F3900CFEA}] => (Allow) D:\Gry\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
FirewallRules: [{3FA3A5D6-8AB6-4C72-AF75-28A59FA584AB}] => (Allow) D:\Gry\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{D2E44461-1E1F-4896-B3A9-7C9FEFC73BF3}] => (Allow) D:\Gry\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{2518401B-A481-4765-9B52-F7B0753E54A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EA332FD2-C2D4-477F-9C5E-C69EE0C48E82}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77FE81C3-13DA-46B8-8D7A-1B7DCFC80F74}] => (Allow) D:\Gry\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{C24684DC-1B1C-43CD-9385-3B7ACF1784D9}] => (Allow) D:\Gry\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{E40E6FB3-E5F7-44B7-A057-C21D5B4AE936}] => (Allow) D:\Gry\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{96CC1B09-4694-43AB-8FD3-DDF2DBBF9C76}] => (Allow) D:\Gry\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{316F83E9-F820-4860-8FC9-D43F7D0F1560}] => (Allow) D:\Gry\Steam\steamapps\common\ActionRecorder\Action.exe (Mirillis Sp. z o.o. -> Mirillis Ltd.)
FirewallRules: [{9F3D32C7-259E-4A50-98F6-3F56D2C8D069}] => (Allow) D:\Gry\Steam\steamapps\common\ActionRecorder\Action.exe (Mirillis Sp. z o.o. -> Mirillis Ltd.)
FirewallRules: [{1A0CEFBD-F661-4AD0-B50D-AC607BABFE6E}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{37F5BCFC-5D96-4BE7-8EFE-EF0D4EDD980D}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{57BD69F2-B5DA-49F6-BA74-E9DE6C789518}] => (Allow) D:\Gry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C3B6AD12-5EC1-445F-B0EB-2B4D22D6D0DB}] => (Allow) D:\Gry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{820570BD-FC19-4A9B-9C85-975EDD81E585}] => (Allow) D:\Gry\Steam\steamapps\common\Lossless Scaling\LosslessScaling.exe (THS) [File not signed]
FirewallRules: [{0B8997CE-8111-4CD0-8C95-21DFCBBBF9BE}] => (Allow) D:\Gry\Steam\steamapps\common\Lossless Scaling\LosslessScaling.exe (THS) [File not signed]
FirewallRules: [{1CE321C9-230C-44D3-AC6F-B907ACCAD59A}] => (Allow) D:\Gry\Steam\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [File not signed]
FirewallRules: [{8CC64096-33F2-4756-9E25-062251EFCDD3}] => (Allow) D:\Gry\Steam\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [File not signed]
FirewallRules: [{83BA1BC3-0E17-4D0E-9913-3E8B6A3A3198}] => (Allow) D:\Gry\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{99215075-2D3C-4222-A516-CD2B0410E2A8}] => (Allow) D:\Gry\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{00A9CD0E-597F-4A12-AFEF-185F13A46B6D}] => (Allow) D:\Gry\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{E3B4FA44-104F-4CE7-9997-2EA2111FB767}] => (Allow) D:\Gry\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{8F9F7B88-0FD8-4EA2-B018-0421847BB3D9}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{FF7D1169-F9D4-4A23-9555-C839B4D6DA95}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{BEE855CD-6A21-4636-A31B-02D643ABDC32}] => (Allow) D:\Gry\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{A836E9E2-3A59-4D54-80F9-83A8CBAE747E}] => (Allow) D:\Gry\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{2E1F7D40-3238-4897-903B-FEFED2F3048D}] => (Allow) D:\Gry\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe () [File not signed]
FirewallRules: [{6CF8B1B1-384A-48FD-9C7B-5E66C3ED43DA}] => (Allow) D:\Gry\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe () [File not signed]
FirewallRules: [{A2A481AF-F8ED-4EB9-8E12-6405FC90D96E}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{5FB2CB9B-C704-44E6-AD75-5BEF26FC8ECB}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{F08EA130-96E1-497F-915F-78A82FB2D4AF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBC00CEA-8594-4391-ADB8-EC7869B2B18F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1CE4467E-57F1-4EB7-92A2-C55F15E4BDFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6926BFE3-B4B7-4379-9A38-4B43B14EE046}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{286595C1-4B87-46B6-9BEB-9378A9C28CBE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18C52398-9734-4D18-9808-20C604CF74D6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F7BC4FF-8D41-4FFD-871E-CB8D484B9EED}] => (Allow) D:\Gry\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{E5C8FC5F-0E44-4B20-A435-B293764801CC}] => (Allow) D:\Gry\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{CFD37610-E05B-48DF-9E9C-B36D1957CADB}] => (Allow) D:\Gry\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{55DC4ACC-9BE2-4E6C-8262-39AA5A36FD17}] => (Allow) D:\Gry\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{D9342925-698B-493C-A756-321F88BD8462}] => (Allow) D:\Gry\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{5B9A83FB-A98F-40ED-B772-D92C62FBBE90}] => (Allow) D:\Gry\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{9E345FC7-599C-4EE9-8F5E-8CD13421885F}] => (Allow) D:\Gry\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{149BB36B-3184-418F-9D9E-EFC77026110F}] => (Allow) D:\Gry\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{76FAE416-6D90-46D6-85E9-F4D765965F9A}] => (Allow) D:\Gry\Origin\games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{BC15843A-8570-49C7-A095-BCA3542617C7}] => (Allow) D:\Gry\Origin\games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{FD0ABE34-074C-4F3C-99CC-79848650E0DA}] => (Allow) D:\Gry\Origin\games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{37ACB89E-7B1B-4A24-A368-ACE867E81544}] => (Allow) D:\Gry\Origin\games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D46B3047-1FDC-4FB1-97C9-D00FD77DD2A3}] => (Allow) D:\Gry\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{CA8DE591-AB37-4CA8-A5AD-82DDCF851B3D}] => (Allow) D:\Gry\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{FB76B845-15FB-42BA-A2CE-8227E4ED6D00}] => (Allow) D:\Gry\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{985B802D-9281-4DF9-9EA5-132101938A76}] => (Allow) D:\Gry\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [TCP Query User{32CD8468-BF06-4708-967D-508A2ADC1C9C}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{F083776E-79C3-42BE-A01C-655C1A3922EC}C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\current\logioptionsmgr.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{AE7F33DD-49E6-4364-85E8-A8645CFE1092}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E91278B-C0E8-474D-BD6C-72568DC4CAAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2D8930B-0B40-4723-B4FD-6B8DCA1EDE38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AB185579-C272-4E76-97F3-E0274E6A9481}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{33776745-F921-48AF-AA48-3AA801BAE987}] => (Allow) D:\Gry\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{A71E22B8-0A83-4686-BB70-011B13E8F213}] => (Allow) D:\Gry\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{4E8506BD-A0E6-4285-8AC3-9B102E5DFCBE}] => (Allow) D:\Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E79C2A35-84CB-49A5-B47D-A6C4F8F888A9}] => (Allow) D:\Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{ECA8550B-2A08-4300-857A-1A3CE18A95B0}] => (Allow) D:\Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2DC0453D-ACEE-4B04-97DB-969ED8DA573E}] => (Allow) D:\Gry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{744CF1B2-330D-45EF-8CEC-43E415D2ED07}] => (Allow) D:\Gry\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{95AC169B-02D1-4BDA-B4BD-8632C5BE1FD8}] => (Allow) D:\Gry\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{BF5E3119-C5AD-4E40-9F3D-8C765C1264F4}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{6FFA256B-08A9-4893-8475-F916E6995E9B}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{167F1D95-4BBB-432A-9FF1-C8642BED34F0}] => (Allow) D:\Gry\Steam\steamapps\common\Awesome\Awesome.exe () [File not signed]
FirewallRules: [{BE09071B-47AB-4A19-8306-0CECE85AA200}] => (Allow) D:\Gry\Steam\steamapps\common\Awesome\Awesome.exe () [File not signed]
FirewallRules: [{40E1BEAE-3FBA-4781-8FA3-8DE84671751E}] => (Allow) D:\Gry\Steam\steamapps\common\Awesome\Awesome_DirectToRift.exe () [File not signed]
FirewallRules: [{2ED88CA9-2F3F-4B30-A563-31C71E181C97}] => (Allow) D:\Gry\Steam\steamapps\common\Awesome\Awesome_DirectToRift.exe () [File not signed]
FirewallRules: [{862C20D7-8354-419C-A632-4CD7E84426A6}] => (Allow) D:\Gry\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{2B3452E7-9CDA-48EA-BB4F-B580095E1E17}] => (Allow) D:\Gry\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{7E4C7D70-C1BC-4903-BD35-3B53F23BFE8D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1FA4F1DA-AE7F-444B-9058-90FFF1E710BE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{537814CD-AACD-4D91-AAFA-EC341E82E6FF}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{65D6922C-A5D1-4368-B302-6C6B462ACE76}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{48742514-41DB-4B7D-9DFF-A412FE354FE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{80A819B3-0472-41CF-A618-4AFCE65F6979}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AC73D31-315A-47C3-B612-3C2FD92B3536}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{43089748-3C56-4D32-A9DF-DE669A753078}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{323BA3C3-0B5A-46A7-860A-545EB1561ECF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A65409A5-B5EC-4547-9D3A-9D6884F6CB06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EAF04D66-A848-475A-91C3-CA533E459017}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{422702E2-E4D6-4F1A-A074-31EA06B9B1FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.139.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

26-07-2020 20:00:09 Zainstalowany program DirectX
03-08-2020 16:42:47 Zaplanowany punkt kontrolny
10-08-2020 17:27:39 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/11/2020 01:19:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: PlanetZoo.exe, wersja: 1.2.5.63260, sygnatura czasowa: 0x5ee3c211
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.18362.815, sygnatura czasowa: 0xb29ecf52
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000078454
Identyfikator procesu powodującego błąd: 0x982c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d66fcd93fdbf0b
Ścieżka aplikacji powodującej błąd: D:\Gry\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe
Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll
Identyfikator raportu: a6bab95b-45ca-4222-a0fe-5f11097499df
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (08/11/2020 12:40:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: PlanetZoo.exe, wersja: 1.2.5.63260, sygnatura czasowa: 0x5ee3c211
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.18362.815, sygnatura czasowa: 0xb29ecf52
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000078454
Identyfikator procesu powodującego błąd: 0x7dac
Godzina uruchomienia aplikacji powodującej błąd: 0x01d66fcad43f9edf
Ścieżka aplikacji powodującej błąd: D:\Gry\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe
Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll
Identyfikator raportu: 10be30b3-38f8-41ab-8474-c858c76f0149
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (08/11/2020 10:17:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1218

Error: (08/11/2020 10:17:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1218

Error: (08/11/2020 10:17:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/10/2020 09:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ROGLiveService.exe, wersja: 1.1.2.0, sygnatura czasowa: 0x5f14eabc
Nazwa modułu powodującego błąd: DeviceHalDetect.dll_unloaded, wersja: 0.0.8.11, sygnatura czasowa: 0x5efef937
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000000266b7
Identyfikator procesu powodującego błąd: 0x13d8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d66f4e3c411304
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
Ścieżka modułu powodującego błąd: DeviceHalDetect.dll
Identyfikator raportu: 9df74da8-4bfe-4589-9966-9c1843bfc8d8
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (08/10/2020 09:41:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: DtsApo4Service.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x5cf0ee2a
Nazwa modułu powodującego błąd: ucrtbase.dll, wersja: 10.0.18362.815, sygnatura czasowa: 0x32a6df9a
Kod wyjątku: 0xc0000409
Przesunięcie błędu: 0x000000000006db9e
Identyfikator procesu powodującego błąd: 0x1354
Godzina uruchomienia aplikacji powodującej błąd: 0x01d66f4e3c405672
Ścieżka aplikacji powodującej błąd: C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
Ścieżka modułu powodującego błąd: C:\Windows\System32\ucrtbase.dll
Identyfikator raportu: 2aa55cd9-0f5a-4453-8178-142f67869a5e
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (08/10/2020 06:23:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program csgo.exe w wersji 0.0.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania.

Identyfikator procesu: 4d68

Godzina rozpoczęcia: 01d66f3241b073ee

Godzina zakończenia: 4294967295

Ścieżka aplikacji: D:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Identyfikator raportu: edcefcac-5d85-4f9a-9f62-f641f9f8710a

Pełna nazwa pakietu powodującego błąd: 

Identyfikator aplikacji powiązanej z pakietem powodującym błąd: 

Typ zawieszenia: Top level window is idle


System errors:
=============
Error: (08/11/2020 12:31:58 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QS6UT4F)
Description: Serwer {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (08/10/2020 09:41:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa ROG Live Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (08/10/2020 09:41:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa DtsApo4Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (08/10/2020 09:41:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 17:58:01 na ‎10.‎08.‎2020 było nieoczekiwane.

Error: (08/10/2020 07:36:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa Uncheater for BattleGrounds_GL jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (08/10/2020 07:35:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa ROG Live Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (08/10/2020 07:35:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa LightingService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (08/10/2020 07:35:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa ASUS Com Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.


Windows Defender:
===================================
Date: 2020-04-21 21:17:53.540
Description: 
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {60BF76DB-57F4-4DDA-97B3-CB85D487AB39}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: DESKTOP-QS6UT4F\piter

Date: 2020-04-22 01:19:34.877
Description: 
Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Windows Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Monitorowanie zachowania
Kod błędu: 0x80508023
Opis błędu: Program nie znalazł na tym urządzeniu złośliwego oprogramowania ani innego potencjalnie niechcianego oprogramowania. 
Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.

CodeIntegrity:
===================================

Date: 2020-08-11 16:30:22.081
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-11 16:30:22.080
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-11 16:30:21.423
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-11 16:30:21.422
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-11 16:29:48.993
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-11 16:29:48.992
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-11 16:29:48.320
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-11 16:29:48.319
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 2602 08/04/2020
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX X570-E GAMING
Processor: AMD Ryzen 9 3900X 12-Core Processor 
Percentage of memory in use: 33%
Total physical RAM: 32682.05 MB
Available physical RAM: 21814.77 MB
Total Virtual: 37546.05 MB
Available Virtual: 24536.02 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:400 GB) (Free:273.39 GB) NTFS
Drive d: (Aplikacje) (Fixed) (Total:1507.1 GB) (Free:688.8 GB) NTFS
Drive e: (Dane) (Fixed) (Total:5589.01 GB) (Free:4653.83 GB) NTFS
Drive f: (Dane) (Fixed) (Total:931.51 GB) (Free:709.67 GB) NTFS

\\?\Volume{c0fce533-e8b0-45cb-adbf-ba6b1d9175d1}\ (Odzyskiwanie) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{accfbb39-f6e7-45e4-a45e-75b5bf6d480e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 98CDEB46)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 1907.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

 

Link to post
Share on other sites

Hello dzikimurai,

Thanks for those logs, please in future refrain usind code or quote boxes for submitting logs. Either attach them or copy and paste direct to your reply... Continue:

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.

NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed.

The following directories are emptied:
 
  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin


Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

Next,

Open Malwarebytes, select > "settings" > "security tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Single click on the target sight above scanner window.
  • In the new window select Report
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Export toTxt - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Export to Txt" then attach the log to your reply...


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download "Microsoft's Safety Scanner" and save direct to the desktop

Ensure to get the correct version for your system....

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download


Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.


Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\msert.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs in your reply, also tell me if there are any remaining issues or concerns...

Thank you,

Kevin...

 

 

fixlist.txt

Link to post
Share on other sites

That is good news, continue to clean up:

Right click on FRST here: E:\Pobrane\FRST64.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator"

If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST64 to uninstall

That action will remove FRST and all created files and folders...

Next,

Remove all System Restore Points: https://www.tenforums.com/tutorials/33593-delete-system-restore-points-windows-10-a.html#option2

Create clean fresh Restore Point: http://www.thewindowsclub.com/create-system-restore-point

Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/

From there you should be good to go...

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.