PC virus removal, computer speed-up, and remote help via the neslape.cz service

Possible Trojan horse on the PC

#1 Post by jedlatko »

Attachment: trojan.JPG (50.9 KiB)
Hi guys, I need your help. Today, while downloading a file, Windows Defender warned me that the file is bad and contains a trojan. I scanned the PC with Malwarebytes; one threat was detected, which I removed. To be safe, I then also scanned the PC with Defender, both a full scan and an offline scan, and nothing was reported. Even so, Defender's threat history says that the threat may not have been handled properly. Thank you very much for your help!

Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020
Ran by Martijn Dansen (administrator) on LENOVO-PC (LENOVO 20382) (11-05-2020 22:16:50)
Running from C:\Users\Martijn Dansen\Documents
Loaded Profiles: Martijn Dansen
Platform: Windows 10 Home Version 1903 18362.778 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

( (Mixbyte Inc -> Freemake) [File not signed]) [File is in use ] C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe
() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe <3>
(Autodesk, Inc -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe <2>
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Martijn Dansen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Failed to access process -> FreemakeUtilsService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9308416 2015-06-02] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1622072 2014-01-10] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-14] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [241448 2020-04-22] (Mixbyte Inc -> )
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Policies\Explorer: []
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\MountPoints2: {e5a732bf-adfd-11e8-82b0-f0761c20bf72} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07DC8E5A-9A39-4EAC-82AB-AB1A1D036B32} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D2AFE2D-E9A0-4883-8428-BE56DB77452F} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {1FECB8D8-B052-49C7-B509-9E73B4A18701} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {348EDD69-40AA-4ECA-9BF2-378F87659660} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3DA5E246-B598-4256-8F39-F620A500C7A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {4042179C-DC27-4B91-9E67-3D13ECA039BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {51774BAC-F899-447F-A7DA-00D5403CDC9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-26] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5E2DB7D2-CC3A-4854-8F69-03F7777927D1} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {65E071F3-7906-4895-AA35-8B4B1CF81480} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-14] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {673EA222-0035-4287-B6D6-25F49356BB19} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [33536 2014-05-22] (LENOVO -> )
Task: {6D902F25-8E1D-47F9-8DA8-260CFEB20EE2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9944400 2016-06-02] (LENOVO -> Lenovo)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {73F1D0EC-3A81-4E1A-982E-09E7CBD7BC51} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
Task: {74A9C0B4-6302-45CD-A804-5B73121FEB82} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7BFE30BF-A07A-43D5-BDC5-85E7342A33C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {7F60C307-954C-43B7-9B96-4725D80A3AF5} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [307144 2016-01-31] (LENOVO -> Lenovo)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8903F801-8739-4713-A7EA-86E10A740D25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8D585D88-5FAB-4270-B659-1F38FC4B2E7E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {99158400-A145-4B16-A57C-4D29DD6A1D07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-26] (Google Inc -> Google Inc.)
Task: {A3AFC7D2-31A6-4C1B-BA69-EB343DF13DB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7345D3A-B30E-4233-9D41-E61E7697045B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5A19765-7B03-4633-9388-1EBE242AF1CD} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3271576 2015-11-03] (McAfee, Inc. -> McAfee, Inc.)
Task: {BF2B8CA8-BD59-492E-8EFF-1A48E97F1870} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CE3138DF-9E85-4E9D-A107-CE9D2389DEB4} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> )
Task: {D07886D2-ED4A-4B0F-9F0E-2D21957BC1FE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {D2DFD664-BE13-4DD5-9E1E-C22602F6DC29} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
Task: {DF63276E-DAED-4DF6-94A3-26802377AB02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EDB3A1CB-4709-4527-8D3D-15D01BD2C312} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9944400 2016-06-02] (LENOVO -> Lenovo)
Task: {F13658BD-7EBA-402E-99F6-C1D54AED7C8D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDE37DD9-D751-4D0E-BB5F-3EBA6683A444} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{171452f2-2c7b-48be-8038-cefe8a1aaeab}: [DhcpNameServer] 150.100.0.10
Tcpip\..\Interfaces\{fb1c4d5c-43da-4202-a44d-705bef2310c7}: [DhcpNameServer] 10.0.1.138

Internet Explorer:
==================
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {C74E9EB8-715A-4C81-BB87-C099562BB1A5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-11-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default [2020-05-11]
CHR Notifications: Default -> hxxps://67.farcaleniom.com; hxxps://aukro.cz
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-26]
CHR Extension: (YouTube) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-05]
CHR Extension: (Tabulky) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Lenovo Password Manager) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2016-03-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-01-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"MpKslece94296" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKslece94296 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D21A0A4-65DF-4742-8E53-A5FBCD63BBD6}\MpKslece94296.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-10] (Mixbyte Inc -> Freemake)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330144 2015-09-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [709168 2019-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-27] (Microsoft Corporation) [File not signed]
R2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R0 LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D21A0A4-65DF-4742-8E53-A5FBCD63BBD6}\MpKslDrv.sys [43232 2020-05-11] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [779104 2019-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE01; C:\WINDOWS\System32\drivers\rtwlane01.sys [8169472 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-08-14] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2018-11-19] (Audials AG -> RapidSolution Software AG)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation - Client Components Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-05-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-11 22:16 - 2020-05-11 22:21 - 000030248 _____ C:\Users\Martijn Dansen\Documents\FRST.txt
2020-05-11 22:15 - 2020-05-11 22:15 - 000000000 ____D C:\Users\Martijn Dansen\Documents\FRST-OlderVersion
2020-05-11 16:27 - 2020-05-11 16:27 - 000001400 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-05-11 16:27 - 2020-05-11 16:27 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2020-05-11 16:27 - 2020-05-11 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-05-11 16:21 - 2020-05-11 16:35 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Freemake Video Converter 4.1.11.17 + Patch Full Version
2020-05-11 16:18 - 2020-05-11 16:19 - 051173019 _____ C:\Users\Martijn Dansen\Documents\Freemake Video Converter 4.1.11.17 + Patch Full Version.rar
2020-05-11 15:44 - 2020-05-11 15:44 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-11 15:44 - 2020-05-11 15:44 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-11 15:20 - 2020-05-11 15:20 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-11 15:20 - 2020-05-11 15:20 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-11 15:19 - 2020-05-11 15:18 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-11 15:19 - 2020-05-11 15:17 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-11 15:16 - 2020-05-11 15:16 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-11 14:45 - 2020-05-11 14:45 - 000000000 ____D C:\Users\Martijn Dansen\.fontconfig
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\converter
2020-05-11 14:38 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\Movavi
2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\ConverterAgent
2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\ProgramData\movavi
2020-05-11 14:36 - 2020-05-11 14:36 - 000012734 _____ C:\ProgramData\ziwxpjps.faw
2020-05-11 14:36 - 2020-05-11 14:36 - 000000016 _____ C:\ProgramData\mntemp
2020-05-11 14:26 - 2020-05-11 14:27 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Freemake
2020-05-11 14:24 - 2020-05-11 16:27 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-05-11 14:22 - 2020-05-11 14:22 - 001012168 _____ (Mixbyte Inc. ) C:\Users\Martijn Dansen\Documents\FreemakeVideoConverterSetup_ae5767de-1a3c-908f-f77f-ec28646a07cc.exe
2020-05-11 14:19 - 2020-05-11 17:28 - 2159418702 _____ C:\Users\Martijn Dansen\Downloads\Policie Modrava I - 1.díl Za lepších okolností dvd.rip@.mkv
2020-05-11 13:57 - 2020-05-11 13:57 - 000000000 ___HD C:\OneDriveTemp
2020-04-22 22:25 - 2020-04-22 22:25 - 000000000 ____D C:\Users\Martijn Dansen\.QtWebEngineProcess
2020-04-22 22:25 - 2020-04-22 22:25 - 000000000 ____D C:\Users\Martijn Dansen\.LSC
2020-04-17 21:56 - 2020-04-17 21:56 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-17 21:56 - 2020-04-17 21:56 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-17 21:56 - 2020-04-17 21:56 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-17 21:55 - 2020-04-17 21:56 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-17 21:55 - 2020-04-17 21:55 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-17 21:55 - 2020-04-17 21:55 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-17 21:55 - 2020-04-17 21:55 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-17 21:55 - 2020-04-17 21:55 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-17 21:55 - 2020-04-17 21:55 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-17 21:54 - 2020-04-17 21:54 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-17 21:54 - 2020-04-17 21:54 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-17 21:53 - 2020-04-17 21:54 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-17 21:53 - 2020-04-17 21:53 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-17 21:52 - 2020-04-17 21:53 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-17 21:08 - 2020-03-17 05:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-17 21:08 - 2020-03-17 05:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-14 12:29 - 2020-04-14 12:29 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Vlastní šablony Office

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-11 22:19 - 2018-10-10 18:01 - 000000000 ____D C:\FRST
2020-05-11 22:15 - 2018-10-10 17:58 - 002285568 _____ (Farbar) C:\Users\Martijn Dansen\Documents\FRST64.exe
2020-05-11 22:07 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-11 21:46 - 2019-10-27 05:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-11 15:56 - 2018-10-10 10:11 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Roaming\PhotoScape
2020-05-11 15:55 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-11 15:47 - 2015-12-22 08:02 - 000000000 ___RD C:\Users\Martijn Dansen\OneDrive
2020-05-11 15:45 - 2015-12-22 07:56 - 000000000 __SHD C:\Users\Martijn Dansen\IntelGraphicsProfiles
2020-05-11 15:43 - 2019-10-27 11:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-11 15:43 - 2017-07-24 00:35 - 000000000 ____D C:\ProgramData\Synaptics
2020-05-11 15:41 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-11 15:19 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-11 14:50 - 2020-02-02 17:16 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\cache
2020-05-11 14:46 - 2017-08-14 12:13 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-05-11 14:45 - 2019-10-27 05:21 - 000000000 ____D C:\Users\Martijn Dansen
2020-05-11 14:15 - 2015-12-21 17:31 - 000000000 ____D C:\Users\Martijn Dansen\Documents\House music
2020-05-11 14:11 - 2020-04-07 22:52 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Trance
2020-05-08 23:42 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-08 23:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-08 22:42 - 2016-03-26 01:04 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-08 22:33 - 2020-03-23 22:49 - 000001500 _____ C:\Users\Martijn Dansen\Desktop\Nainstalovat produkt Kaspersky Secure Connection verze 20.0.14.1085.lnk
2020-05-06 19:49 - 2019-10-28 18:54 - 000000000 ____D C:\Users\Martijn Dansen\Desktop\úprava fotek
2020-05-06 11:50 - 2019-02-06 20:20 - 000021504 ____H C:\Users\Martijn Dansen\Desktop\photothumb.db
2020-05-02 21:50 - 2018-03-05 22:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-26 10:25 - 2020-02-01 19:28 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-22 22:28 - 2015-12-21 15:29 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\Lenovo
2020-04-22 22:25 - 2016-07-27 11:13 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Roaming\Lenovo
2020-04-18 19:33 - 2019-10-27 05:35 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-18 19:33 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-04-18 19:33 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-04-18 19:26 - 2019-10-27 05:06 - 000581592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-17 22:22 - 2013-08-22 15:25 - 000000167 _____ C:\WINDOWS\win.ini
2020-04-17 22:08 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-16 22:22 - 2019-10-27 11:34 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-16543503-1544822326-733773056-1001
2020-04-16 22:21 - 2019-10-27 05:21 - 000002395 _____ C:\Users\Martijn Dansen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories ========

2015-11-15 01:32 - 2015-12-22 08:03 - 000012959 _____ () C:\Users\Martijn Dansen\AppData\Roaming\AbsoluteReminder.xml
2015-12-22 08:02 - 2015-12-22 08:02 - 000076976 _____ () C:\Users\Martijn Dansen\AppData\Roaming\LoJackSetup.exe
2015-11-08 11:49 - 2015-12-22 02:56 - 000043222 _____ () C:\Users\Martijn Dansen\AppData\Local\BTServer.log
2018-11-22 14:19 - 2018-11-22 14:22 - 000012800 _____ () C:\Users\Martijn Dansen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-22 08:09 - 2015-12-22 08:09 - 008041312 _____ (Absolute Software Corp.) C:\Users\Martijn Dansen\AppData\Local\Setup.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2020
Ran by Martijn Dansen (11-05-2020 22:26:27)
Running from C:\Users\Martijn Dansen\Documents
Windows 10 Home Version 1903 18362.778 (X64) (2019-10-27 09:36:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-16543503-1544822326-733773056-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-16543503-1544822326-733773056-503 - Limited - Disabled)
Guest (S-1-5-21-16543503-1544822326-733773056-501 - Limited - Disabled)
Martijn Dansen (S-1-5-21-16543503-1544822326-733773056-1001 - Administrator - Enabled) => C:\Users\Martijn Dansen
WDAGUtilityAccount (S-1-5-21-16543503-1544822326-733773056-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
AutoCAD 2017 – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 – Čeština (Czech) (HKLM\...\AutoCAD 2017 – Čeština (Czech)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
DJ Intro version 1.2.3 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.2.3 - Serato Audio Research)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FotoMix version 9.2.7 (HKLM-x32\...\{10A0255E-0B73-4397-AB4E-E3667EDA70E4}_is1) (Version: 9.2.7 - Digital Photo Software)
Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.2.13.1225 - DVDVideoSoft Ltd.)
Freemake Video Converter verze 4.1.11 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.11 - Mixbyte Inc.)
Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Import souborů SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.1.12.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 1.10.8.0 - Lenovo Group Limited)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo Security Suite (HKLM-x32\...\{184F6D30-2A4C-4BDD-85FF-BE4ABBB4232C}) (Version: 1.0.1.15 - Lenovo)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo USB Blocker (HKLM-x32\...\{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo) Hidden
Lenovo USB Blocker (HKLM-x32\...\InstallShield_{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Pioneer DDJ_WeGO Driver (HKLM-x32\...\Pioneer DDJ_WeGO ASIO) (Version: 1.100.000.001 - Pioneer DJ Corporation.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.812.040814 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.243 - REALTEK Semiconductor Corp.)
rekordbox 4.0.8 (HKLM-x32\...\Pioneer rekordbox 4.0.8) (Version: 4.0.8.0007 - Pioneer DJ)
Serato DJ Pro (HKLM\...\{6D9C225C-C53B-4BD1-84F1-8C601ED422F7}) (Version: 2.0.2.1516 - Serato Limited) Hidden
Serato DJ Pro (HKLM-x32\...\{d0bdbe13-141f-4dc1-bee9-12750c4cab21}) (Version: 2.0.2.1516 - Serato Limited)
Speciální aplikace Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Update for Skype for Business 2016 (KB4484286) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484286) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484286) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Validity WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.247.0 - )
Validity WBF DDK 5011 (HKLM\...\{B38B22CB-F5BA-4803-BE59-EDD70D71CB2F}) (Version: 4.5.247.0 - Validity Sensors, Inc.)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
VirtualDJ 8 (HKLM-x32\...\{84F87EDF-9361-4B11-ACEC-0D60F744E642}) (Version: 8.2.4291.0 - Atomix Productions)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2004.10.0_x64__6dqnvyezrysvy [2020-04-30] (Dailymotion)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.24.8919.0_x86__q4d96b2w5wcc2 [2020-03-15] (Evernote)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2015-12-21] (Hightail)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-12-21] (Lenovo, INC.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2003.10.0_x64__k1h2ywk1493x8 [2020-03-26] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-21] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-21] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-21] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_2.0.0.9_x64__5grkq8ppsgwt4 [2015-12-21] (LENOVO INC)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2015-12-21] (CYBERLINK COM CORPORATION)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-03-21] (Microsoft Corporation)
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2015-12-22] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-14] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2015-12-21] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-09 08:13 - 2019-09-09 08:13 - 001364992 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 000073216 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 002711552 _____ ( (Garmin International) [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 000950272 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 000134144 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 000912384 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 014447630 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\avcodec-54.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 003028494 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\avformat-54.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000138766 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\avresample-1.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000190990 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\avutil-52.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000054182 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\libdvdcss-2.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000234717 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\libdvdnav.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000333838 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\swscale-2.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 001078557 _____ () [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\xvidcore.dll
2019-07-27 09:57 - 2019-07-27 09:57 - 096071680 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000044392 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000104296 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000020328 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000253800 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000295272 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000110952 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000290152 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000125288 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll
2018-10-10 20:37 - 2015-12-24 16:13 - 000196968 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelperlib.dll
2018-10-10 20:38 - 2015-12-24 17:34 - 000771432 _____ (Digital Wave Ltd -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\MSVCR100.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000286056 _____ (Digital Wave Ltd -> The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 001160552 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\LIBEAY32.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000272232 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\SSLEAY32.dll
2020-03-04 12:25 - 2020-03-04 12:25 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2014-11-11 16:54 - 2014-11-11 16:54 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2014-11-11 16:54 - 2014-11-11 16:54 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000573440 _____ (hxxp://www.id3lib.org/) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\id3lib.dll
2014-11-11 16:35 - 2014-04-24 03:04 - 000094208 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2020-05-11 16:27 - 2017-12-23 16:18 - 004594176 _____ (MediaArea.net) [File not signed] C:\Program Files (x86)\Freemake\Freemake Video Converter\mediainfo.DLL
2014-11-11 16:50 - 2014-11-11 16:50 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2020-03-04 12:23 - 2020-03-04 12:23 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-07-27 09:57 - 2019-07-27 09:57 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 009994752 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\icudt.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000105016 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\BASS.dll
2020-05-11 16:26 - 2018-07-30 11:43 - 000421888 _____ (www.freemake.com) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\FMMediaFormats.DLL
2020-05-11 16:26 - 2018-07-30 11:45 - 000831488 _____ (www.freemake.com) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\FMMediaSource.dll
2020-05-11 16:26 - 2018-07-30 11:47 - 000311808 _____ (www.freemake.com) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\FMMediaUtils.dll
2020-05-11 16:26 - 2018-07-30 11:47 - 000223744 _____ (www.freemake.com) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\FMPlayerLib.dll
2020-05-11 16:26 - 2018-07-30 11:44 - 000466944 _____ (www.freemake.com) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\FMTransformBase.DLL
2020-05-11 16:26 - 2018-07-30 11:46 - 002557952 _____ (www.freemake.com) [File not signed] C:\Program Files (x86)\Freemake\COM\1.1\FMVideoConverter.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Lenovo\Password Manager\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime Alternative\QTSystem
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martijn Dansen\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{333B43E8-02B4-486B-8580-DBF56F72C44C}C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [TCP Query User{9EFA7C47-A890-4A20-931C-2404FC9A6744}C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [UDP Query User{1EE190B0-30AC-4A35-B4C1-0E63CF6D788C}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [TCP Query User{88706FAD-940C-4A6C-8BFC-BCC46CB144A1}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [UDP Query User{CF2BC994-18E1-4EF3-BCE0-FA46ABE08E0A}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer Corporation.)
FirewallRules: [TCP Query User{62C58CDD-4E89-41B2-BB6C-594C9158AD91}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer Corporation.)
FirewallRules: [{0E4E6EA4-C2D9-4A43-A861-C2E72CBC83CE}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{BD6D5100-2C28-43F4-A417-14D7E1126892}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{BCCA17C0-86B3-489C-A76A-C54AF7806301}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{93B6D3C4-3FFF-4486-9510-96D5B0137D84}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{301C6BDF-FAEF-4785-9FDB-A42642A43C04}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{77389479-7DEB-454F-9749-DC95CD358DFB}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E8F36E7B-DA3B-489B-9E77-6A814F66D902}] => (Allow) LPort=55100
FirewallRules: [{10DA5D2C-367C-4E26-BA81-41BA9DA0DD4B}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{08D73FE4-46A6-4310-82F0-A014A48820E2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74F8FB32-5EB3-4951-AC4B-BF2FBA3CF46D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{676F7BF2-5363-4EFD-9F2B-B525D8E0BC9D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2D77245-6AE5-4B00-A20A-C82848F47D6C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C53F9BE2-C622-4A66-86BA-666DE28BC031}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [UDP Query User{2F7B48E7-2CA6-46A4-B104-13AE04984FEF}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [{26D0F16B-CA73-48D5-8BC6-331C08DE67DC}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6391054D-EBB5-4BA7-8E28-D373D21BEA98}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C0BE24B-4B31-45DA-BD66-BFB457F5A0E7}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8CBB64FD-EE23-4384-876E-3F4314A18E4A}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15059945-FEF6-434A-A52A-DB7A22A9ED1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-04-2020 21:31:07 Naplánovaný kontrolní bod
09-05-2020 10:13:03 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/11/2020 10:09:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5212,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/11/2020 07:48:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11112,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/11/2020 05:01:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3320,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/11/2020 04:48:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/11/2020 04:27:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4740,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/11/2020 03:43:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5d9eba8a
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.778, časové razítko: 0x692cf0ab
Kód výjimky: 0xe0434352
Posun chyby: 0x00114192
ID chybujícího procesu: 0xc2c
Čas spuštění chybující aplikace: 0x01d6279a33de7d56
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 7bfe7347-18ff-4cb7-af01-56700e5cf54f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/11/2020 03:43:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])

Error: (05/11/2020 03:41:17 PM) (Source: BiometricSensorDataSynchronization) (EventID: 1) (User: )
Description: BiometricSensorDataSynchronization EvtOpenChannelConfig failed with 00000139f


System errors:
=============
Error: (05/11/2020 03:47:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/11/2020 03:45:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/11/2020 03:45:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (05/11/2020 03:44:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/11/2020 03:44:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (05/11/2020 03:41:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (05/11/2020 03:40:46 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Propojená uživatelská prostředí a telemetrie se po přijetí pokynu pro vypnutí neukončila správně.

Error: (05/11/2020 02:40:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2020-05-11 15:06:35.667
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso; file:_C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso->setup_movavi video suite 20_7447927388.exe; webfile:_C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso|https://cuviqoy.live/31465c0ae32b39c47c ... 8408883161
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: Lenovo-PC\Martijn Dansen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.315.374.0, AS: 1.315.374.0, NIS: 1.315.374.0
Verze modulu: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-04-27 14:57:06.748
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {47CC0290-FBDA-4B63-B774-A368F2BA7C8D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-04-14 11:25:49.017
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {30D71C16-95C0-428D-BFA8-0774D286F01E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-05 13:29:50.189
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A39BE47D-2CB3-42D1-B255-89D1C35E69C8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-23 20:52:07.946
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B042FF34-8758-417B-9ACD-CE6316CF53C3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-04-27 14:25:45.707
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2410.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2020-04-27 14:25:45.705
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2410.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2020-04-26 10:31:55.817
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2267.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-04-21 22:53:51.505
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.1895.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-04-21 22:53:51.502
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.1895.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2020-05-11 20:44:28.966
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 20:44:28.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 20:44:28.655
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 20:44:28.530
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:08.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:07.888
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:07.116
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:06.756
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 9CCN27WW(V2.05) 08/29/2014
Motherboard: LENOVO Lenovo B50-30
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 86%
Total physical RAM: 3978.19 MB
Available physical RAM: 552.77 MB
Total Virtual: 5706.19 MB
Available Virtual: 863.63 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.48 GB) (Free:34.29 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.79 GB) NTFS

\\?\Volume{ee41a75a-e715-4fe8-99af-dadd67dabd2e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{5ec9c95a-fbbf-41a1-b7f9-ad4e6dc9ff54}\ (PBR_DRV) (Fixed) (Total:13.95 GB) (Free:4.58 GB) NTFS
\\?\Volume{2a4504a6-1a8a-4340-93c1-4eadc880353a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7DB55890)

Partition: GPT.

==================== End of Addition.txt =======================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Possible Trojan horse on the PC

#2 Post by Conder »

Hi :)

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click "Spustit skenovani" [Start scan] and wait for it to finish
  • If anything is found, leave all findings selected and click "Karantena" [Quarantine] (if there are no findings, click "Spustit zakladni opravu" [Run basic repair])
  • If "preinstalled software" is also detected, you may, but do not have to, delete these programs (they are not malicious programs, just unnecessary extras)
  • Confirm the prompt, wait for it to finish and confirm the PC restart
  • After the PC restarts, AdwCleaner will open; click "Zobrazit soubor protokolu" [View log file]
  • The log will open; copy its contents and paste them into your next reply
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and others).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices; otherwise you risk system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

jedlatko
Visitor
Posts: 9
Registered: 24 Jan 2013 15:50

Re: Possible Trojan horse on the PC

#3 Post by jedlatko »

Hello, I'm sending the log from ADW:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-12-2020
# Duration: 00:00:32
# OS: Windows 10 Home
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Martijn Dansen\AppData\Roaming\Seznam.cz
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Sunisoft
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2690 octets] - [10/10/2018 18:47:11]
AdwCleaner[C00].txt - [2564 octets] - [10/10/2018 18:51:28]
AdwCleaner[S01].txt - [8077 octets] - [12/05/2020 08:22:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Possible Trojan horse on the PC

#4 Post by Conder »

Please post both new logs from FRST.

jedlatko
Visitor
Posts: 9
Registered: 24 Jan 2013 15:50

Re: Possible Trojan horse on the PC

#5 Post by jedlatko »

Hi,

I'm sending the log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020
Ran by Martijn Dansen (administrator) on LENOVO-PC (LENOVO 20382) (12-05-2020 22:24:24)
Running from C:\Users\Martijn Dansen\Documents
Loaded Profiles: Martijn Dansen
Platform: Windows 10 Home Version 1903 18362.778 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe <3>
(Autodesk, Inc -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Martijn Dansen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9308416 2015-06-02] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1622072 2014-01-10] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-14] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-03-04] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Policies\Explorer: []
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\MountPoints2: {e5a732bf-adfd-11e8-82b0-f0761c20bf72} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07DC8E5A-9A39-4EAC-82AB-AB1A1D036B32} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D2AFE2D-E9A0-4883-8428-BE56DB77452F} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {1FECB8D8-B052-49C7-B509-9E73B4A18701} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {348EDD69-40AA-4ECA-9BF2-378F87659660} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3DA5E246-B598-4256-8F39-F620A500C7A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {4042179C-DC27-4B91-9E67-3D13ECA039BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {51774BAC-F899-447F-A7DA-00D5403CDC9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-26] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5E2DB7D2-CC3A-4854-8F69-03F7777927D1} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {65E071F3-7906-4895-AA35-8B4B1CF81480} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-14] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {673EA222-0035-4287-B6D6-25F49356BB19} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [33536 2014-05-22] (LENOVO -> )
Task: {6D902F25-8E1D-47F9-8DA8-260CFEB20EE2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9944400 2016-06-02] (LENOVO -> Lenovo)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {73F1D0EC-3A81-4E1A-982E-09E7CBD7BC51} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
Task: {74A9C0B4-6302-45CD-A804-5B73121FEB82} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7BFE30BF-A07A-43D5-BDC5-85E7342A33C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {7F60C307-954C-43B7-9B96-4725D80A3AF5} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [307144 2016-01-31] (LENOVO -> Lenovo)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8903F801-8739-4713-A7EA-86E10A740D25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8D585D88-5FAB-4270-B659-1F38FC4B2E7E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {99158400-A145-4B16-A57C-4D29DD6A1D07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-26] (Google Inc -> Google Inc.)
Task: {A3AFC7D2-31A6-4C1B-BA69-EB343DF13DB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7345D3A-B30E-4233-9D41-E61E7697045B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5A19765-7B03-4633-9388-1EBE242AF1CD} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3271576 2015-11-03] (McAfee, Inc. -> McAfee, Inc.)
Task: {BF2B8CA8-BD59-492E-8EFF-1A48E97F1870} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CE3138DF-9E85-4E9D-A107-CE9D2389DEB4} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-03-04] (Garmin International, Inc. -> )
Task: {D07886D2-ED4A-4B0F-9F0E-2D21957BC1FE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {D2DFD664-BE13-4DD5-9E1E-C22602F6DC29} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
Task: {DF63276E-DAED-4DF6-94A3-26802377AB02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EDB3A1CB-4709-4527-8D3D-15D01BD2C312} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9944400 2016-06-02] (LENOVO -> Lenovo)
Task: {F13658BD-7EBA-402E-99F6-C1D54AED7C8D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDE37DD9-D751-4D0E-BB5F-3EBA6683A444} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{171452f2-2c7b-48be-8038-cefe8a1aaeab}: [DhcpNameServer] 150.100.0.10
Tcpip\..\Interfaces\{fb1c4d5c-43da-4202-a44d-705bef2310c7}: [DhcpNameServer] 10.0.1.138

Internet Explorer:
==================
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {C74E9EB8-715A-4C81-BB87-C099562BB1A5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-11-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default [2020-05-12]
CHR Notifications: Default -> hxxps://67.farcaleniom.com; hxxps://aukro.cz
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-26]
CHR Extension: (YouTube) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-05]
CHR Extension: (Tabulky) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Lenovo Password Manager) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2016-03-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Martijn Dansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-01-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-10] (Mixbyte Inc -> Freemake)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330144 2015-09-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-11] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [709168 2019-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-27] (Microsoft Corporation) [File not signed]
R2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R0 LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-12] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [779104 2019-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE01; C:\WINDOWS\System32\drivers\rtwlane01.sys [8169472 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-08-14] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2018-11-19] (Audials AG -> RapidSolution Software AG)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation - Client Components Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-05-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-12 08:30 - 2020-05-12 08:30 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-12 08:29 - 2020-05-12 08:29 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-12 08:23 - 2020-05-12 08:23 - 000000000 ___HD C:\OneDriveTemp
2020-05-12 08:18 - 2020-05-12 08:18 - 008196784 _____ (Malwarebytes) C:\Users\Martijn Dansen\Desktop\adwcleaner_8.0.4.exe
2020-05-11 22:16 - 2020-05-12 22:27 - 000029086 _____ C:\Users\Martijn Dansen\Documents\FRST.txt
2020-05-11 22:15 - 2020-05-11 22:15 - 000000000 ____D C:\Users\Martijn Dansen\Documents\FRST-OlderVersion
2020-05-11 16:27 - 2020-05-11 16:27 - 000001400 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-05-11 16:27 - 2020-05-11 16:27 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2020-05-11 16:27 - 2020-05-11 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-05-11 16:21 - 2020-05-11 16:35 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Freemake Video Converter 4.1.11.17 + Patch Full Version
2020-05-11 16:18 - 2020-05-11 16:19 - 051173019 _____ C:\Users\Martijn Dansen\Documents\Freemake Video Converter 4.1.11.17 + Patch Full Version.rar
2020-05-11 15:20 - 2020-05-11 15:20 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-11 15:20 - 2020-05-11 15:20 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-11 15:19 - 2020-05-11 15:18 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-11 15:19 - 2020-05-11 15:17 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-11 15:16 - 2020-05-11 15:16 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-11 14:45 - 2020-05-11 14:45 - 000000000 ____D C:\Users\Martijn Dansen\.fontconfig
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\converter
2020-05-11 14:38 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\Movavi
2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\ConverterAgent
2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\ProgramData\movavi
2020-05-11 14:36 - 2020-05-11 14:36 - 000012734 _____ C:\ProgramData\ziwxpjps.faw
2020-05-11 14:36 - 2020-05-11 14:36 - 000000016 _____ C:\ProgramData\mntemp
2020-05-11 14:26 - 2020-05-11 14:27 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Freemake
2020-05-11 14:24 - 2020-05-11 16:27 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-05-11 14:22 - 2020-05-11 14:22 - 001012168 _____ (Mixbyte Inc. ) C:\Users\Martijn Dansen\Documents\FreemakeVideoConverterSetup_ae5767de-1a3c-908f-f77f-ec28646a07cc.exe
2020-05-11 14:19 - 2020-05-11 17:28 - 2159418702 _____ C:\Users\Martijn Dansen\Downloads\Policie Modrava I - 1.díl Za lepších okolností dvd.rip@.mkv
2020-04-22 22:25 - 2020-04-22 22:25 - 000000000 ____D C:\Users\Martijn Dansen\.QtWebEngineProcess
2020-04-22 22:25 - 2020-04-22 22:25 - 000000000 ____D C:\Users\Martijn Dansen\.LSC
2020-04-17 21:56 - 2020-04-17 21:56 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-17 21:56 - 2020-04-17 21:56 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-17 21:56 - 2020-04-17 21:56 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-17 21:56 - 2020-04-17 21:56 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-17 21:55 - 2020-04-17 21:56 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-17 21:55 - 2020-04-17 21:55 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-17 21:55 - 2020-04-17 21:55 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-17 21:55 - 2020-04-17 21:55 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-17 21:55 - 2020-04-17 21:55 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-17 21:55 - 2020-04-17 21:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-17 21:55 - 2020-04-17 21:55 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-17 21:55 - 2020-04-17 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-17 21:54 - 2020-04-17 21:54 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-17 21:54 - 2020-04-17 21:54 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-17 21:54 - 2020-04-17 21:54 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-17 21:54 - 2020-04-17 21:54 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-17 21:54 - 2020-04-17 21:54 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-17 21:53 - 2020-04-17 21:54 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-17 21:53 - 2020-04-17 21:53 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-17 21:53 - 2020-04-17 21:53 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-17 21:53 - 2020-04-17 21:53 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-17 21:53 - 2020-04-17 21:53 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-17 21:52 - 2020-04-17 21:53 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-17 21:52 - 2020-04-17 21:52 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-17 21:52 - 2020-04-17 21:52 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-17 21:52 - 2020-04-17 21:52 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-17 21:08 - 2020-03-17 05:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-17 21:08 - 2020-03-17 05:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-14 12:29 - 2020-04-14 12:29 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Vlastní šablony Office

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-12 22:26 - 2018-10-10 18:01 - 000000000 ____D C:\FRST
2020-05-12 22:21 - 2015-12-22 08:02 - 000000000 ___RD C:\Users\Martijn Dansen\OneDrive
2020-05-12 22:18 - 2015-12-22 07:56 - 000000000 __SHD C:\Users\Martijn Dansen\IntelGraphicsProfiles
2020-05-12 12:04 - 2018-10-10 10:11 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Roaming\PhotoScape
2020-05-12 11:56 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-12 11:35 - 2019-10-28 18:54 - 000000000 ____D C:\Users\Martijn Dansen\Desktop\úprava fotek
2020-05-12 11:13 - 2019-02-06 20:20 - 000021504 ____H C:\Users\Martijn Dansen\Desktop\photothumb.db
2020-05-12 08:29 - 2019-10-27 11:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-12 08:29 - 2017-07-24 00:35 - 000000000 ____D C:\ProgramData\Synaptics
2020-05-12 08:28 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-12 08:22 - 2019-10-27 11:34 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-16543503-1544822326-733773056-1001
2020-05-12 08:22 - 2019-10-27 05:21 - 000002395 _____ C:\Users\Martijn Dansen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-11 22:37 - 2019-10-27 05:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-11 22:33 - 2018-10-10 18:06 - 000056406 _____ C:\Users\Martijn Dansen\Documents\Addition.txt
2020-05-11 22:15 - 2018-10-10 17:58 - 002285568 _____ (Farbar) C:\Users\Martijn Dansen\Documents\FRST64.exe
2020-05-11 15:55 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-11 15:19 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-11 14:50 - 2020-02-02 17:16 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\cache
2020-05-11 14:46 - 2017-08-14 12:13 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-05-11 14:45 - 2019-10-27 05:21 - 000000000 ____D C:\Users\Martijn Dansen
2020-05-11 14:15 - 2015-12-21 17:31 - 000000000 ____D C:\Users\Martijn Dansen\Documents\House music
2020-05-11 14:11 - 2020-04-07 22:52 - 000000000 ____D C:\Users\Martijn Dansen\Documents\Trance
2020-05-08 23:42 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-08 23:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-08 22:42 - 2016-03-26 01:04 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-08 22:33 - 2020-03-23 22:49 - 000001500 _____ C:\Users\Martijn Dansen\Desktop\Nainstalovat produkt Kaspersky Secure Connection verze 20.0.14.1085.lnk
2020-05-02 21:50 - 2018-03-05 22:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-26 10:25 - 2020-02-01 19:28 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-22 22:28 - 2015-12-21 15:29 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\Lenovo
2020-04-22 22:25 - 2016-07-27 11:13 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Roaming\Lenovo
2020-04-18 19:33 - 2019-10-27 05:35 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-18 19:33 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-04-18 19:33 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-04-18 19:26 - 2019-10-27 05:06 - 000581592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-17 23:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-17 22:22 - 2013-08-22 15:25 - 000000167 _____ C:\WINDOWS\win.ini
2020-04-17 22:08 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2015-11-15 01:32 - 2015-12-22 08:03 - 000012959 _____ () C:\Users\Martijn Dansen\AppData\Roaming\AbsoluteReminder.xml
2015-12-22 08:02 - 2015-12-22 08:02 - 000076976 _____ () C:\Users\Martijn Dansen\AppData\Roaming\LoJackSetup.exe
2015-11-08 11:49 - 2015-12-22 02:56 - 000043222 _____ () C:\Users\Martijn Dansen\AppData\Local\BTServer.log
2018-11-22 14:19 - 2018-11-22 14:22 - 000012800 _____ () C:\Users\Martijn Dansen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-22 08:09 - 2015-12-22 08:09 - 008041312 _____ (Absolute Software Corp.) C:\Users\Martijn Dansen\AppData\Local\Setup.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2020
Ran by Martijn Dansen (12-05-2020 22:31:09)
Running from C:\Users\Martijn Dansen\Documents
Windows 10 Home Version 1903 18362.778 (X64) (2019-10-27 09:36:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-16543503-1544822326-733773056-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-16543503-1544822326-733773056-503 - Limited - Disabled)
Guest (S-1-5-21-16543503-1544822326-733773056-501 - Limited - Disabled)
Martijn Dansen (S-1-5-21-16543503-1544822326-733773056-1001 - Administrator - Enabled) => C:\Users\Martijn Dansen
WDAGUtilityAccount (S-1-5-21-16543503-1544822326-733773056-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{9A9FF300-3725-4934-A0D7-86F109A88ACF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
AutoCAD 2017 – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 – Čeština (Czech) (HKLM\...\AutoCAD 2017 – Čeština (Czech)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
DJ Intro version 1.2.3 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.2.3 - Serato Audio Research)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{9427DAC2-91FD-418E-87D4-8914B437CC06}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FotoMix version 9.2.7 (HKLM-x32\...\{10A0255E-0B73-4397-AB4E-E3667EDA70E4}_is1) (Version: 9.2.7 - Digital Photo Software)
Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.2.13.1225 - DVDVideoSoft Ltd.)
Freemake Video Converter verze 4.1.11 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.11 - Mixbyte Inc.)
Garmin Express (HKLM-x32\...\{0934EADA-3DAF-4A21-829D-1BB3C315DCB4}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d3b4366e-9163-44f4-a381-d431031c2841}) (Version: 6.21.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Import souborů SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.1.12.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 1.10.8.0 - Lenovo Group Limited)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo Security Suite (HKLM-x32\...\{184F6D30-2A4C-4BDD-85FF-BE4ABBB4232C}) (Version: 1.0.1.15 - Lenovo)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo USB Blocker (HKLM-x32\...\{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo) Hidden
Lenovo USB Blocker (HKLM-x32\...\InstallShield_{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Pioneer DDJ_WeGO Driver (HKLM-x32\...\Pioneer DDJ_WeGO ASIO) (Version: 1.100.000.001 - Pioneer DJ Corporation.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.812.040814 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.243 - REALTEK Semiconductor Corp.)
rekordbox 4.0.8 (HKLM-x32\...\Pioneer rekordbox 4.0.8) (Version: 4.0.8.0007 - Pioneer DJ)
Serato DJ Pro (HKLM\...\{6D9C225C-C53B-4BD1-84F1-8C601ED422F7}) (Version: 2.0.2.1516 - Serato Limited) Hidden
Serato DJ Pro (HKLM-x32\...\{d0bdbe13-141f-4dc1-bee9-12750c4cab21}) (Version: 2.0.2.1516 - Serato Limited)
Speciální aplikace Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Update for Skype for Business 2016 (KB4484286) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484286) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484286) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5F64605A-1F38-44BE-BB99-1799A6D11A62}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Validity WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.247.0 - )
Validity WBF DDK 5011 (HKLM\...\{B38B22CB-F5BA-4803-BE59-EDD70D71CB2F}) (Version: 4.5.247.0 - Validity Sensors, Inc.)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
VirtualDJ 8 (HKLM-x32\...\{84F87EDF-9361-4B11-ACEC-0D60F744E642}) (Version: 8.2.4291.0 - Atomix Productions)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2004.10.0_x64__6dqnvyezrysvy [2020-04-30] (Dailymotion)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.24.8919.0_x86__q4d96b2w5wcc2 [2020-03-15] (Evernote)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2015-12-21] (Hightail)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-12-21] (Lenovo, INC.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2003.10.0_x64__k1h2ywk1493x8 [2020-03-26] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-21] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-21] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-12-21] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_2.0.0.9_x64__5grkq8ppsgwt4 [2015-12-21] (LENOVO INC)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2015-12-21] (CYBERLINK COM CORPORATION)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-03-21] (Microsoft Corporation)
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2015-12-22] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-14] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2015-12-21] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-16543503-1544822326-733773056-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-09 08:13 - 2019-09-09 08:13 - 001364992 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 000073216 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 002711552 _____ ( (Garmin International) [File not signed]) [File is in use ] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 000950272 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 000134144 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 000912384 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2019-07-27 09:57 - 2019-07-27 09:57 - 096071680 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000044392 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000104296 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000020328 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000253800 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000295272 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000110952 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000290152 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll
2018-10-10 20:37 - 2015-12-25 20:19 - 000125288 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll
2018-10-10 20:37 - 2015-12-24 16:13 - 000196968 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelperlib.dll
2018-10-10 20:38 - 2015-12-24 17:34 - 000771432 _____ (Digital Wave Ltd -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\MSVCR100.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000286056 _____ (Digital Wave Ltd -> The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 001160552 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\LIBEAY32.dll
2018-10-10 20:37 - 2015-12-24 17:34 - 000272232 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\SSLEAY32.dll
2020-03-04 12:25 - 2020-03-04 12:25 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2020-03-04 12:22 - 2020-03-04 12:22 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2014-11-11 16:54 - 2014-11-11 16:54 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2014-11-11 16:54 - 2014-11-11 16:54 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2014-11-11 16:50 - 2014-11-11 16:50 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2020-03-04 12:23 - 2020-03-04 12:23 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-07-27 09:57 - 2019-07-27 09:57 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2016-10-24 22:20 - 2014-09-03 02:29 - 009994752 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\icudt.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Lenovo\Password Manager\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime Alternative\QTSystem
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martijn Dansen\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{333B43E8-02B4-486B-8580-DBF56F72C44C}C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [TCP Query User{9EFA7C47-A890-4A20-931C-2404FC9A6744}C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [UDP Query User{1EE190B0-30AC-4A35-B4C1-0E63CF6D788C}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [TCP Query User{88706FAD-940C-4A6C-8BFC-BCC46CB144A1}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [UDP Query User{CF2BC994-18E1-4EF3-BCE0-FA46ABE08E0A}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer Corporation.)
FirewallRules: [TCP Query User{62C58CDD-4E89-41B2-BB6C-594C9158AD91}C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 4.0.8\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer Corporation.)
FirewallRules: [{0E4E6EA4-C2D9-4A43-A861-C2E72CBC83CE}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{BD6D5100-2C28-43F4-A417-14D7E1126892}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{BCCA17C0-86B3-489C-A76A-C54AF7806301}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{93B6D3C4-3FFF-4486-9510-96D5B0137D84}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{301C6BDF-FAEF-4785-9FDB-A42642A43C04}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{77389479-7DEB-454F-9749-DC95CD358DFB}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E8F36E7B-DA3B-489B-9E77-6A814F66D902}] => (Allow) LPort=55100
FirewallRules: [{10DA5D2C-367C-4E26-BA81-41BA9DA0DD4B}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{08D73FE4-46A6-4310-82F0-A014A48820E2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74F8FB32-5EB3-4951-AC4B-BF2FBA3CF46D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{676F7BF2-5363-4EFD-9F2B-B525D8E0BC9D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2D77245-6AE5-4B00-A20A-C82848F47D6C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C53F9BE2-C622-4A66-86BA-666DE28BC031}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [UDP Query User{2F7B48E7-2CA6-46A4-B104-13AE04984FEF}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [{26D0F16B-CA73-48D5-8BC6-331C08DE67DC}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6391054D-EBB5-4BA7-8E28-D373D21BEA98}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C0BE24B-4B31-45DA-BD66-BFB457F5A0E7}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8CBB64FD-EE23-4384-876E-3F4314A18E4A}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15059945-FEF6-434A-A52A-DB7A22A9ED1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-04-2020 21:31:07 Naplánovaný kontrolní bod
09-05-2020 10:13:03 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/12/2020 10:28:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2372,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 10:59:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9108,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 10:27:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10280,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 10:21:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4868,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 09:16:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (532,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 08:43:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4580,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/12/2020 08:18:48 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/12/2020 08:18:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10812,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (05/12/2020 10:22:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2020 12:07:02 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Server Microsoft.OneConnect_5.2002.431.0_x64__8wekyb3d8bbwe!App.AppXe8pdgw5syxe8pgccbk3mcn5hanwamr0e.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2020 12:07:02 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Server Microsoft.MicrosoftOfficeHub_18.2004.1162.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2020 10:18:22 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2020 08:33:00 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2020 08:27:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Freemake Improver byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/12/2020 08:27:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/12/2020 08:27:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Digital Wave Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-05-11 15:06:35.667
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso; file:_C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso->setup_movavi video suite 20_7447927388.exe; webfile:_C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso|https://cuviqoy.live/31465c0ae32b39c47c ... 8408883161
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: Lenovo-PC\Martijn Dansen
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.315.374.0, AS: 1.315.374.0, NIS: 1.315.374.0
Verze modulu: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-04-27 14:57:06.748
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {47CC0290-FBDA-4B63-B774-A368F2BA7C8D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-04-14 11:25:49.017
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {30D71C16-95C0-428D-BFA8-0774D286F01E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-05 13:29:50.189
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A39BE47D-2CB3-42D1-B255-89D1C35E69C8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-23 20:52:07.946
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B042FF34-8758-417B-9ACD-CE6316CF53C3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-04-27 14:25:45.707
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2410.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2020-04-27 14:25:45.705
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2410.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2020-04-26 10:31:55.817
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2267.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-04-21 22:53:51.505
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.1895.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-04-21 22:53:51.502
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.1895.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2020-05-11 20:44:28.966
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 20:44:28.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 20:44:28.655
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 20:44:28.530
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:08.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:07.888
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:07.116
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-11 15:34:06.756
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 9CCN27WW(V2.05) 08/29/2014
Motherboard: LENOVO Lenovo B50-30
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 85%
Total physical RAM: 3978.19 MB
Available physical RAM: 593.34 MB
Total Virtual: 5706.19 MB
Available Virtual: 1781.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.48 GB) (Free:32.35 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.79 GB) NTFS

\\?\Volume{ee41a75a-e715-4fe8-99af-dadd67dabd2e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{5ec9c95a-fbbf-41a1-b7f9-ad4e6dc9ff54}\ (PBR_DRV) (Fixed) (Total:13.95 GB) (Free:4.58 GB) NTFS
\\?\Volume{2a4504a6-1a8a-4340-93c1-4eadc880353a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7DB55890)

Partition: GPT.

==================== End of Addition.txt =======================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Possible Trojan horse on the PC

#6 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    VirusTotal: C:\ProgramData\ziwxpjps.faw
    File: C:\Program Files\Lenovo PhoneCompanion\adb.exe
    Folder: C:\Users\Martijn Dansen\AppData\Local\converter
    Folder: C:\Users\Martijn Dansen\AppData\Local\Movavi
    Folder: C:\Users\Martijn Dansen\AppData\Local\ConverterAgent
    Folder: C:\ProgramData\movavi
    File: C:\ProgramData\ziwxpjps.faw
    File: C:\Users\Martijn Dansen\Documents\FreemakeVideoConverterSetup_ae5767de-1a3c-908f-f77f-ec28646a07cc.exe
    
    HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Policies\Explorer: [] 
    HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\MountPoints2: {e5a732bf-adfd-11e8-82b0-f0761c20bf72} - "F:\HiSuiteDownLoader.exe" 
    Task: {B5A19765-7B03-4633-9388-1EBE242AF1CD} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3271576 2015-11-03] (McAfee, Inc. -> McAfee, Inc.)
    HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
    HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
    HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
    SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {C74E9EB8-715A-4C81-BB87-C099562BB1A5} URL = 
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
    2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\converter
    2020-05-11 14:38 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\Movavi
    2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\ConverterAgent
    2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\ProgramData\movavi
    2020-05-11 14:36 - 2020-05-11 14:36 - 000012734 _____ C:\ProgramData\ziwxpjps.faw
    2020-05-11 14:36 - 2020-05-11 14:36 - 000000016 _____ C:\ProgramData\mntemp
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will request a restart of the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

jedlatko
Visitor
Posts: 9
Registered: 24 Jan 2013 15:50

Re: Possible Trojan horse on the PC

#7 Post by jedlatko »

Here is the log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Martijn Dansen (14-05-2020 11:12:31) Run:2
Running from C:\Users\Martijn Dansen\Desktop
Loaded Profiles: Martijn Dansen
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\ProgramData\ziwxpjps.faw
File: C:\Program Files\Lenovo PhoneCompanion\adb.exe
Folder: C:\Users\Martijn Dansen\AppData\Local\converter
Folder: C:\Users\Martijn Dansen\AppData\Local\Movavi
Folder: C:\Users\Martijn Dansen\AppData\Local\ConverterAgent
Folder: C:\ProgramData\movavi
File: C:\ProgramData\ziwxpjps.faw
File: C:\Users\Martijn Dansen\Documents\FreemakeVideoConverterSetup_ae5767de-1a3c-908f-f77f-ec28646a07cc.exe

HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\Policies\Explorer: []
HKU\S-1-5-21-16543503-1544822326-733773056-1001\...\MountPoints2: {e5a732bf-adfd-11e8-82b0-f0761c20bf72} - "F:\HiSuiteDownLoader.exe"
Task: {B5A19765-7B03-4633-9388-1EBE242AF1CD} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3271576 2015-11-03] (McAfee, Inc. -> McAfee, Inc.)
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-16543503-1544822326-733773056-1001 -> {C74E9EB8-715A-4C81-BB87-C099562BB1A5} URL =
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\converter
2020-05-11 14:38 - 2020-05-11 14:41 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\Movavi
2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\Users\Martijn Dansen\AppData\Local\ConverterAgent
2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D C:\ProgramData\movavi
2020-05-11 14:36 - 2020-05-11 14:36 - 000012734 _____ C:\ProgramData\ziwxpjps.faw
2020-05-11 14:36 - 2020-05-11 14:36 - 000000016 _____ C:\ProgramData\mntemp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 315
Average :
Sum : 3028247707
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

VirusTotal: C:\ProgramData\ziwxpjps.faw => https://www.virustotal.com/file/8ea9135 ... 589447676/

========================= File: C:\Program Files\Lenovo PhoneCompanion\adb.exe ========================

C:\Program Files\Lenovo PhoneCompanion\adb.exe
File not signed
MD5: 5787E5DF1A68E7AFEA82D58E5F0D6549
Creation and modification date: 2014-11-11 16:54 - 2014-11-11 16:54
Size: 000815104
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/c30394c ... 589212160/

====== End of File: ======


========================= Folder: C:\Users\Martijn Dansen\AppData\Local\converter ========================

2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\converter\Movavi
2020-05-11 14:41 - 2020-05-11 15:21 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\converter\Movavi\videoconverter 20.1.2
2020-05-11 15:21 - 2020-05-11 15:21 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Martijn Dansen\AppData\Local\converter\Movavi\videoconverter 20.1.2\converter.ini

====== End of Folder: ======


========================= Folder: C:\Users\Martijn Dansen\AppData\Local\Movavi ========================

2020-05-11 14:38 - 2020-05-11 16:45 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Logs
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\Log.txt
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache
2020-05-11 14:41 - 2020-05-11 14:41 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\2110e97fb2f8b1b2cc4fe1e16e83a9b4
2020-05-11 14:41 - 2020-05-11 15:21 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\2110e97fb2f8b1b2cc4fe1e16e83a9b4\20.1.2.0
2020-05-11 14:41 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache
2020-05-11 14:42 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\3e
2020-05-11 14:42 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\3e\d7
2020-05-11 14:42 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\3e\d7\eb8c7e43bb909f1d2cd7cfa43d82
2020-05-11 14:41 - 2020-03-26 06:36 - 000011620 ____A [4ABE076DAE441E642060F59C6EBFE0D7] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\3e\d7\eb8c7e43bb909f1d2cd7cfa43d82\1585197370_email_dialog.zip
2020-05-11 14:42 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\50
2020-05-11 14:42 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\50\e7
2020-05-11 14:42 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\50\e7\0d81c161f16557a5fcbdc97b6713
2020-05-11 14:41 - 2018-03-28 06:55 - 001555211 ____A [D84C72B85A8817DAD12F38BDB40C6589] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\NagsCache\50\e7\0d81c161f16557a5fcbdc97b6713\1522212909_one_day_left_in_trial_mode.zip
2020-05-11 14:41 - 2020-05-11 14:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache
2020-05-11 14:42 - 2020-05-11 14:42 - 000009792 ____A [DE2BF1ED2F161A86C5C64F5E6C7AF998] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\0afa3359c0b0203750bcc553ab18cca7d0a4e74a.qmlc
2020-05-11 14:42 - 2020-05-11 14:42 - 000035528 ____A [CF05C36A397EDB249B3B9B135D63E159] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\0b3c91431c196eee1e536bce5fbc9f8ceac55e65.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000022320 ____A [D0C29C3C0F6023AC2766E7932051BA71] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\0d665be3ea0d1ff897780de262f4383b59438c45.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000006728 ____A [43F541037BA87E32D9BF489A3B0FA801] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\13bdc269fed8831bab8959239a70e497e9761483.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000000740 ____A [C163453B6E75A754C4B4189F5AC1F41F] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\16d3c3f03d514e7c5945a886a54b0b76491d439c.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000003600 ____A [26F76F3BBE675642B0AEAC5553C528E8] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\1a1aee82ce7b1fde712339112cde52c5634bb5b6.jsc
2020-05-11 14:41 - 2020-05-11 14:41 - 000001000 ____A [14DF51361A05740ABF8A9F2E0A877A78] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\1f6c7935604a06bf4440187fd59d1a9b6cdd710f.jsc
2020-05-11 14:41 - 2020-05-11 14:41 - 000021108 ____A [6EE8220B08CC2FDE89DA752C85ED89E5] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\24ef99c73c519cd1b4db16758f5b3e7115dbd76e.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000000812 ____A [0790F85887BC7F4AF1302856F1125D0D] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\28a53864d93f33e91af3bc04eb2be15b0965572f.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000004116 ____A [0D2CFFD05C3EB54CC32C9860BBF918B6] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\2a8afbf94b4e3a84ce7a1bf1a18234bc650f7308.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000001884 ____A [C45371832903B234BB38378BD95D2FC9] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\31fde8cac6dea51776a3bbc86d3ce7013a1b1eb6.qmlc
2020-05-11 14:42 - 2020-05-11 14:42 - 000001968 ____A [38B5B4559324CFA6D92B595782C04C2D] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\370d305c0f4e010cc11a87b8b4b7d63f614d8ca1.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000000740 ____A [FA44E14CEF1E769EAF73E20403054AD9] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\391e84e5fa8da806db71d4fef1c56f47e39e4a38.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000016936 ____A [DD2780298BA541FBDFE5706ED40CB08A] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\45b996caff6dc0b8883e4a0acbf06edf2d325b42.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000001464 ____A [844BBAFC1EE278F5423E0162FA3C0BC0] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\548b065f5f57a989ee8cf10f4c8413832ad81b6c.jsc
2020-05-11 14:41 - 2020-05-11 14:41 - 000004920 ____A [31BE49C880E8B5550AC6D63D41B23BEF] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\5ae7aecd7f1ba85f39d0086414703d3ff7f969be.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000001308 ____A [141C2A305AB01E41813D2037A27388BB] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\646d2c1357a6dd7252f6fe31ade111f6c21f4c98.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000002848 ____A [6D91BA0BAD7D7392DFF624FD94235E1B] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\6f36b15df6a8d4aee397dfc0991bec31f0c735e0.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000000812 ____A [8623DF0B49CEA3F1A9D3669D0A9453EE] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\7036496c643ae8e475b04468e3f9a633c0fd0598.qmlc
2020-05-11 14:42 - 2020-05-11 14:42 - 000015060 ____A [DED2E63273B239FD83A8AEBFE75892A8] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\7b71e6f5c0a2559e5cd8f3ecd03ff96874ce0128.qmlc
2020-05-11 14:42 - 2020-05-11 14:42 - 000005164 ____A [84EB20E9AA969D3C130B38495F213D50] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\8112e1e5b5f7e42c5c5bfef3d1940dee27543a8b.qmlc
2020-05-11 14:41 - 2020-05-11 14:41 - 000002656 ____A [6448740648E42816491679255376C99A] () C:\Users\Martijn Dansen\AppData\Local\Movavi\Video Converter Premium\cache\qmlcache\8709b55ffc7d25c519c924b5abcd63b91f99e224.qmlc

====== End of Folder: ======


========================= Folder: C:\Users\Martijn Dansen\AppData\Local\ConverterAgent ========================

2020-05-11 14:38 - 2020-05-11 14:38 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\ConverterAgent\Movavi
2020-05-11 14:38 - 2020-05-11 15:47 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Martijn Dansen\AppData\Local\ConverterAgent\Movavi\videoconverter 20.1.2
2020-05-11 15:47 - 2020-05-11 15:47 - 000000038 ____A [E51A61BAE5CFCD6B01EFC1F330D7A694] () C:\Users\Martijn Dansen\AppData\Local\ConverterAgent\Movavi\videoconverter 20.1.2\ConverterAgent.ini

====== End of Folder: ======


========================= Folder: C:\ProgramData\movavi ========================

2020-05-11 14:37 - 2020-05-11 14:37 - 000005734 ____A [60FF0A416DBF28DC2692E8A0864E5694] () C:\ProgramData\movavi\fonts.conf

====== End of Folder: ======


========================= File: C:\ProgramData\ziwxpjps.faw ========================

C:\ProgramData\ziwxpjps.faw
File not signed
MD5: 2A463FFB4218B61D80177258FB2E6A4D
Creation and modification date: 2020-05-11 14:36 - 2020-05-11 14:36
Size: 000012734
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\Martijn Dansen\Documents\FreemakeVideoConverterSetup_ae5767de-1a3c-908f-f77f-ec28646a07cc.exe ========================

C:\Users\Martijn Dansen\Documents\FreemakeVideoConverterSetup_ae5767de-1a3c-908f-f77f-ec28646a07cc.exe
File is digitally signed
MD5: 84CD7ABA9C3681F231D8611B6E7E5B88
Creation and modification date: 2020-05-11 14:22 - 2020-05-11 14:22
Size: 001012168
Attributes: ----A
Company Name: Mixbyte Inc -> Mixbyte Inc.
Internal Name:
Original Name:
Product: Freemake Video Converter
Description: Freemake Video Converter Setup
File Version: 4.1.11.25
Product Version: 4.1.11
Copyright:
VirusTotal: 0

====== End of File: ======

"HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-16543503-1544822326-733773056-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5a732bf-adfd-11e8-82b0-f0761c20bf72} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5A19765-7B03-4633-9388-1EBE242AF1CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5A19765-7B03-4633-9388-1EBE242AF1CD}" => removed successfully
C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => removed successfully
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-16543503-1544822326-733773056-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-16543503-1544822326-733773056-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-16543503-1544822326-733773056-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKU\S-1-5-21-16543503-1544822326-733773056-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C74E9EB8-715A-4C81-BB87-C099562BB1A5} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
C:\Users\Martijn Dansen\AppData\Local\converter => moved successfully
C:\Users\Martijn Dansen\AppData\Local\Movavi => moved successfully
C:\Users\Martijn Dansen\AppData\Local\ConverterAgent => moved successfully
C:\ProgramData\movavi => moved successfully
C:\ProgramData\ziwxpjps.faw => moved successfully
C:\ProgramData\mntemp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"C:\Users\Martijn Dansen\Documents\setup_movavi video suite 20_7447927388.iso" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 139133113 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 1661068 B
Edge => 24589 B
Chrome => 420570165 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 11184 B
Martijn Dansen => 105235036 B

RecycleBin => 3316735120 B
EmptyTemp: => 3.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:17:45 ====

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Possible Trojan horse on the PC

#8 Post by Conder »

Please send the log from the Malwarebytes scan in which 1 threat was detected. Malwarebytes logs can be obtained like this: on the home screen click Scanner (Vyhledavac), not the blue Scan (Sken) button, and then Reports (Zpravy). Double-click the report from that scan to open it and click Export -> Copy to Clipboard (Kopirovat do schranky). Send the copied log in your next reply.

To be safe, run one more quick scan in Malwarebytes: on the home screen click the blue Scan (Sken) button. If anything is found, send the log as well. If nothing is found, no log is needed, just write the result.

How is the PC doing?
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

jedlatko
Visitor
Posts: 9
Joined: 24 Jan 2013 15:50

Re: Possible Trojan horse on the PC

#9 Post by jedlatko »

Here is the log from Malwarebytes from the scan in which the threat was detected:

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.05.20
Čas skenování: 15:22
Logovací soubor: 6a06a940-938a-11ea-80a8-f0761c20bf72.json

-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.896
Aktualizovat verzi balíku komponent: 1.0.23664
Licence: Bezplatná

-Systémová informace-
OS: Windows 10 (Build 18362.778)
CPU: x64
Systém souborů: NTFS
Uživatel: LENOVO-PC\Martijn Dansen

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 318888
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 14 min, 54 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
RiskWare.BitCoinMiner, C:\WINDOWS\CONHOSTE.EXE, V karanténě, 854, 516573, 1.0.23664, , ame,

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

The Malwarebytes scan is clean. The PC is working fine.

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Possible Trojan horse on the PC

#10 Post by Conder »

OK. Judging by the logs as well, the PC now looks fine.

If there are no more problems, we will also clean up after the tools that were used:
