Pomalý NTB

[HonzaDC2]

Dobrý den, prosím o kontrolu logu neb NTB je velmi pomalý a má i problémy pracovat v programech se kterými dřív problém neměl. Děkuji předem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2020 01
Ran by lenovo (administrator) on LAPTOP-RGJV2R1O (LENOVO 80EW) (24-05-2020 18:29:45)
Running from C:\Users\lenovo\Downloads
Loaded Profiles: lenovo
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(ITE Tech. Inc.) [File not signed] C:\Windows\System32\IRMonitor.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(LENOVO -> Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Xiaomi Technology Inc -> ) C:\Users\lenovo\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Lenovo Smart Fingerprint] => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1758480 2015-07-10] (LENOVO -> Lenovo) [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\Run: [MiPhoneManager] => C:\Users\lenovo\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] (Xiaomi Technology Inc -> )
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\MountPoints2: {fccf7043-4508-11e6-9bd6-f0761cff62df} - "H:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-10] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9C893A-42CE-4222-B72F-D28E70624D6F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54424 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {19DB8C1D-C9F7-4ED9-BAFF-B94B82DC95B5} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1758480 2015-07-10] (LENOVO -> Lenovo) [File not signed]
Task: {1DF12C8C-41C6-4E9D-9B29-ED48FDA9ECE6} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {2A226519-CB81-4F86-A728-7984D0D2CEFA} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {5773DCC1-E3AA-4632-B978-C84A3FA8D766} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe [1454136 2020-05-13] (Adobe Inc. -> Adobe)
Task: {5AB11F63-99E7-438B-B13C-22E60921BCB1} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [158648 2020-03-31] (Lenovo -> Lenovo Group Ltd.)
Task: {62B2F40F-2D04-4405-B4B8-B0725DE217DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {67F7244F-9420-45C1-9124-609CAC1DA1F0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
Task: {748A3050-FA66-4260-A3B6-0F03A4F2947D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8408957C-20D3-4676-89F3-623949EBFA04} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772552 2020-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {87D4EFD3-7A83-4D7F-976D-9609726ED219} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8EE02F08-3B11-4F85-8971-6ED157633211} - System32\Tasks\irMonitor => C:\WINDOWS\system32\IRMonitor.exe [114688 2017-09-14] (ITE Tech. Inc.) [File not signed]
Task: {929DAA5E-ECDA-4D4C-9866-1F2C27ADC045} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b02e4141-f203-4483-8a09-3e67fc64fc23 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {92FD2F35-4C83-42C4-9703-F5946AD2B816} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Task: {99C17CB6-05D0-4655-95D7-2ECAC74B13F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {A03EBB9F-F324-4499-9AC7-B820DD9A670E} - System32\Tasks\Atbuphplapuing Manager => C:\Program Files (x86)\Choqoght\perfich.exe
Task: {A49584A0-62CE-4CF4-BFD5-75BA9F9D03FD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\665ebdbc-0057-4bd7-878e-36f3b00b8b6e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {ABF4AE8E-7EF7-4DBB-ACE2-EAA4805D7470} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124752 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCBE387C-4CC2-4FBD-90F5-A0C92FEF5A0C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {C2B5E4EE-33EA-4009-9417-01AA2C92D557} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {C3FCF0CA-8388-46EF-9E9A-2225A53BD7F8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {CB08E1D9-65C2-4DDB-A7CA-773236364925} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CF214301-32CB-4190-A484-588941752210} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {D2A34609-EA29-4517-B969-A966D3B58A66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {D2F4A72C-077C-44A8-9DB2-C93AD3DDEB61} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a399078-146c-4329-9fb1-d9040158d8f4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {D3E5ECED-A86F-4D53-B982-E405FE9E346D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124752 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E06F6408-992B-481B-B76B-FC24EB4738D6} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-05-25] (LENOVO -> Lenovo)
Task: {FAE1E357-9AD1-4449-9A2E-B383F4900BBA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e1b99a4b-ddc5-4f94-b3cb-4902e2a73f53 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {FEC20A70-3C19-4F2E-B5AB-DF9469F83EA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772552 2020-05-08] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{b4a3fdb3-28ed-4ddc-8321-0c66ad2703d9}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{b4a3fdb3-28ed-4ddc-8321-0c66ad2703d9}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131400252777839684&GUID=D571825C-C01B-47E7-8492-D4F44B38364D
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
SearchScopes: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001 -> hxxp://www.google.com

FireFox:
========
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\u377v3de.default [2020-04-27]
FF Homepage: Mozilla\Firefox\Profiles\u377v3de.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\u377v3de.default -> about:newtab
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1139293016-3686136104-1418621097-1001: @kb-ext.cz/PKIComponent -> C:\Users\lenovo\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2020-03-16] (KOMERCNI BANKA A.S. -> Komerční banka, a.s.)

Chrome:
=======
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-05-24]
CHR Notifications: Default -> hxxps://www.letgo.cz; hxxps://www.postazdarma.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Flash Video Downloader) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-11]
CHR Extension: (Dokumenty) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-19]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-19]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-13]
CHR Extension: (Tabulky) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Booking.com for Chrome™) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2017-05-20]
CHR Extension: (BMW M Power) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhaolblehplannlbgaldknldolnniep [2017-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-10-21]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2019-06-15]
CHR Extension: (Cryptoplus KB - podepisovací modul) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldildmkoeoicfkknedfdpjmgjmpkpooc [2020-03-16]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-12]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-12]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-07]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-28]
CHR DefaultSearchURL: Profile 1 -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Avira
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Extension: (Prezentace) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dokumenty) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Disk Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-07]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-07]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-07]
CHR Extension: (Avast SafePrice) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-27]
CHR Extension: (Tabulky) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-07]
CHR Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-07]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-07]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-27]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-30]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe [72176 2020-04-03] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10612592 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2017-04-23] (Intel(R) pGFX -> Intel Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205880 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234560 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178760 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175704 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [501472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851592 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460992 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235488 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319120 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] (Malwarebytes Corporation -> )
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [139632 2015-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2019-10-13] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [337920 2017-05-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek Semiconductor Corp -> Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-24 18:29 - 2020-05-24 18:32 - 000030901 _____ C:\Users\lenovo\Downloads\FRST.txt
2020-05-24 18:29 - 2020-05-24 18:31 - 000000000 ____D C:\FRST
2020-05-24 18:26 - 2020-05-24 18:26 - 002286592 _____ (Farbar) C:\Users\lenovo\Downloads\FRST64.exe
2020-05-24 14:27 - 2020-05-20 20:29 - 000337560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-05-20 20:29 - 2020-05-20 20:29 - 000235488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-05-20 20:29 - 2020-05-20 20:29 - 000175704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-05-17 20:22 - 2020-05-17 20:22 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-17 20:22 - 2020-05-17 20:22 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-05-17 20:22 - 2020-05-17 20:22 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 005098352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 019851264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 007822888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 006291456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 003513856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-05-17 20:20 - 2020-05-17 20:20 - 002073176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001637376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001556200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000345016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000301064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbroker.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000262848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-05-17 20:20 - 2020-05-17 20:20 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSa.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-05-17 20:19 - 2020-05-17 20:20 - 004612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 007267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 022638592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-05-17 20:18 - 2020-05-17 20:18 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 001393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000943640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000896000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchangeHost.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-05-17 20:18 - 2020-05-17 20:18 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUxClient.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-05-17 20:17 - 2020-05-17 20:17 - 006525936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-05-17 20:17 - 2020-05-17 20:17 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001952872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001214264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000683288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000539184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-05-17 20:17 - 2020-05-17 20:17 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000405424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-05-17 20:17 - 2020-05-17 20:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-05-17 20:17 - 2020-05-17 20:17 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-17 20:17 - 2020-05-17 20:17 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-05-17 20:16 - 2020-05-17 20:17 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 006710272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 005340568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001990576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001975808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001737216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001654952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001011712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000843576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000792808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000778552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000581544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000197432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeopleAPIs.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbussdapi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 005945856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001510912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001306424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001213440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000777840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000693672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000594472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRClient.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000310928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000260328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000245336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ffbroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 009929528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 003807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002736640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001646552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000879064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000752584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000524208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-17 20:14 - 2020-05-17 20:14 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000132712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 006435328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-05-17 20:13 - 2020-05-17 20:13 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposerFramework.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 007902912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 006168576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 005280192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-17 20:12 - 2020-05-17 20:12 - 003655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002854400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002354688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002072576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001085752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000859944 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000685368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-17 20:12 - 2020-05-17 20:12 - 000547992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000460200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-17 20:12 - 2020-05-17 20:12 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000390968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SwitcherDataModel.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleAPIs.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbussdapi.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 009339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 003581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-05-17 20:10 - 2020-05-17 20:10 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 002504440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001391104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001270784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001027816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001007928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000916768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000819696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000339824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000238904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000088280 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-05-17 20:10 - 2020-05-17 20:10 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-17 20:09 - 2020-05-17 20:09 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 002060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000957056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000318680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-17 20:08 - 2020-05-17 20:08 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-17 20:08 - 2020-05-17 20:08 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-17 20:07 - 2020-05-17 20:08 - 006232568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001745208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-17 20:07 - 2020-05-17 20:07 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000410608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveTask.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-05-17 17:56 - 2020-05-17 17:59 - 000000000 ____D C:\Users\lenovo\Desktop\zkouska
2020-05-16 19:59 - 2020-05-24 14:34 - 000000000 ____D C:\Users\lenovo\Desktop\martas foto
2020-05-10 15:03 - 2020-05-10 15:03 - 010310684 _____ C:\Users\lenovo\Desktop\ZPSSlideshow.pdf
2020-04-24 06:34 - 2020-04-24 06:35 - 000004477 _____ C:\Users\lenovo\Downloads\24.04.(1).kpc
2020-04-24 06:29 - 2020-04-24 06:29 - 000002402 _____ C:\Users\lenovo\Downloads\24.04..kpc

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-24 18:12 - 2019-09-25 07:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-24 18:09 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-24 17:39 - 2017-06-10 09:47 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-05-24 17:39 - 2016-05-25 18:09 - 000000000 __SHD C:\Users\lenovo\IntelGraphicsProfiles
2020-05-24 17:38 - 2019-09-25 07:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-24 17:38 - 2017-06-10 09:47 - 000000000 ____D C:\ProgramData\Synaptics
2020-05-24 17:08 - 2016-05-26 00:07 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\vlc
2020-05-24 16:52 - 2019-09-25 07:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-05-24 16:49 - 2017-05-17 19:50 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-05-24 16:49 - 2017-05-17 19:50 - 000002083 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-05-24 16:46 - 2019-09-25 07:20 - 000000000 ____D C:\Users\lenovo
2020-05-24 16:28 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-24 14:27 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-24 14:09 - 2016-07-31 16:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-20 20:29 - 2020-04-21 06:18 - 000501472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-05-20 20:29 - 2019-01-17 19:09 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-05-20 20:29 - 2019-01-09 20:01 - 000178760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-05-20 20:29 - 2019-01-09 20:01 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-05-20 20:29 - 2019-01-09 20:01 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-05-20 20:29 - 2018-10-17 20:44 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000851592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000460992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000319120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000205880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-05-20 20:27 - 2020-03-21 10:03 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139293016-3686136104-1418621097-1001
2020-05-20 20:27 - 2019-09-25 07:51 - 000004864 _____ C:\WINDOWS\system32\Tasks\Atbuphplapuing Manager
2020-05-20 20:27 - 2019-09-25 07:51 - 000003830 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-05-20 20:27 - 2019-09-25 07:51 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-05-20 20:27 - 2019-09-25 07:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-05-20 20:27 - 2019-09-25 07:51 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-20 20:27 - 2019-09-25 07:51 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-20 20:27 - 2019-09-25 07:51 - 000002420 _____ C:\WINDOWS\system32\Tasks\irMonitor
2020-05-20 20:27 - 2019-09-25 07:51 - 000002274 _____ C:\WINDOWS\system32\Tasks\DolbySelectorTask
2020-05-20 20:27 - 2019-09-25 07:51 - 000002212 _____ C:\WINDOWS\system32\Tasks\PDVDServ12 Task
2020-05-20 20:27 - 2019-09-25 07:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-05-19 17:30 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-19 17:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-19 15:34 - 2017-05-17 19:11 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-19 15:31 - 2019-09-25 07:34 - 001693850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-19 15:31 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-19 15:31 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-19 15:31 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-19 15:30 - 2016-05-27 09:13 - 000000000 ___RD C:\Users\lenovo\3D Objects
2020-05-19 15:30 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-19 15:25 - 2019-09-25 07:07 - 000468368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-17 21:17 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\PerfLogs
2020-05-17 20:53 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-17 20:48 - 2016-05-25 20:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-17 20:43 - 2016-05-25 20:46 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-17 20:07 - 2019-09-25 07:13 - 002874880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-05-16 20:07 - 2015-09-16 11:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-13 19:24 - 2019-09-25 07:20 - 000002375 _____ C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-13 19:24 - 2016-05-25 18:13 - 000000000 ___RD C:\Users\lenovo\OneDrive
2020-05-13 19:04 - 2019-11-14 17:37 - 005177912 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-05-13 19:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-13 19:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-10 15:39 - 2017-05-19 00:05 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-10 15:23 - 2017-05-12 20:50 - 000000000 ____D C:\Users\lenovo\AppData\Local\CrashDumps
2020-05-02 16:33 - 2017-12-11 14:08 - 000000000 ____D C:\Users\lenovo\AppData\Local\Packages

==================== Files in the root of some directories ========

2018-12-12 18:47 - 2018-12-12 18:47 - 000003584 _____ () C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[HonzaDC2]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2020 01
Ran by lenovo (24-05-2020 18:33:57)
Running from C:\Users\lenovo\Downloads
Windows 10 Home Version 1903 18362.836 (X64) (2019-09-25 05:52:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1139293016-3686136104-1418621097-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1139293016-3686136104-1418621097-503 - Limited - Disabled)
Guest (S-1-5-21-1139293016-3686136104-1418621097-501 - Limited - Disabled)
lenovo (S-1-5-21-1139293016-3686136104-1418621097-1001 - Administrator - Enabled) => C:\Users\lenovo
WDAGUtilityAccount (S-1-5-21-1139293016-3686136104-1418621097-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20065 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.371 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.1.0.1362 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Camtasia 9 (HKLM\...\{1D09B594-C8B5-4CF1-B927-41D9A487799C}) (Version: 9.0.5.2021 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{00ce4b8c-0138-4743-b0b8-379b2715eb44}) (Version: 9.0.5.2021 - TechSmith Corporation)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
CryptoPlus KB v1.0 (HKLM-x32\...\CryptoPlus KB v1.0) (Version: 2.1.8 - Monet+,a.s.)
CryptoPlus KB v1.0 x64 (HKLM\...\CryptoPlus KB v1.0) (Version: 2.1.8 - Monet+,a.s.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.1.100 - EasternGraphics)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{654C49EB-D47E-4319-B719-DEEC73787B51}) (Version: 83.0.4103.2 - Google Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
ISSENEWClient 8.02 - Firefox 6.0.1 (HKLM-x32\...\{7F55769E-39A9-4D48-8018-42865B6244CC}_is1) (Version: - AURA, s.r.o.)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - )
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.44 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Mi PC Suite (HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.12730.20270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.29094 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5 - Jan Adamec)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.289.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.38.21323.0_x64__8wekyb3d8bbwe [2020-05-17] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-26] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics GmbH -> EasternGraphics)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-05-26 18:48 - 2014-09-09 13:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2015-07-22 19:44 - 2015-07-22 19:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-07-22 19:44 - 2015-07-22 19:44 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2017-09-14 22:47 - 2017-09-14 22:47 - 000073728 _____ (ITE) [File not signed] C:\WINDOWS\system32\AF9100EX.dll
2020-05-10 14:41 - 2020-04-05 18:36 - 001343488 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-06 13:18 - 000000342 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18
127.0.0.1 157.56.8.159
127.0.0.1 69.167.144.15
127.0.0.1 updater.techsmith.com
127.0.0.1 camtasiatudi.techsmith.com
127.0.0.1 tsccloud.cloudapp.net
127.0.0.1 assets.cloud.techsmith.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A60BCA35-FFDA-45A8-BC18-F3E2635A1700}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{8091452D-4AAE-4A01-87EE-06D61D1F2978}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [UDP Query User{FE325286-AC90-4548-86A9-506347E50973}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [TCP Query User{DC1DE24C-FAFF-4693-90FD-F35F5CF3F5F2}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{7EE1D345-9E0D-474A-973A-1C4846DC9E41}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{0C8D6D0D-E458-44D0-B06B-763DF4FCD2A5}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{E18A8CEF-7E7C-4771-9AB9-2BAD0E8E40C1}] => (Allow) LPort=8318
FirewallRules: [{73F681E1-1DE3-45F1-9797-651FC789278B}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [{CE854CB2-8407-47DF-97F8-C2AE13D50256}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{55FE5C0C-EA5E-4C5E-ACC5-B55525E76149}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [TCP Query User{B9274B1C-AFFA-4338-84A7-EA3C77632871}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{A0DF7EB8-90CB-49FB-8E0D-C813C7B307BB}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{B87359EE-BB32-4807-9E68-E317BC0A1E42}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{F06F0A0C-418C-4176-AEF4-EBC1025DAB7F}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C0DBA1C5-BE73-4EF2-B903-CC103D749347}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [UDP Query User{29EC61B9-FEE6-4812-821C-5023AB6CECB1}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{D00F2F28-4311-4F28-9B5F-A767BFC44BDC}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C2295A1E-9885-462B-AD8E-B7E952790EBC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{D66DF037-B1C5-4AF2-A6FC-CF8BE86EC4A5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{51A26104-2AF4-44B4-B2A7-2D01BAFEF6EF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{D67416A2-16CB-4492-BCB0-85C8AAAB289F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{AC1BD9AA-25EB-43DD-8C3B-2AB3557FE306}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{BF2DB6BD-41BA-47DE-893E-7AA4DB0237F4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{63B565C4-9829-40FC-9811-D49BF02FF43F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{16EDBE02-BEB0-4733-B9AE-20140F8D8EC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{4641C68F-EDDF-4B56-8623-212C2B335378}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{9C1057F7-0F84-4549-B3F2-7A07702995C3}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{AE1CCA87-819E-44DE-A7C5-AD6BC712EFD9}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{4827AD80-3C3F-470A-998D-157153BB1239}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{7F5FDC4F-6502-45A7-8EFA-BCD9EE79F639}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{86A2D89D-1203-4347-83DF-42199AB0A417}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{D822028E-10AF-4807-BB46-AE4070C796B9}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{843EF7A9-9EA9-4868-9C01-E2D16E1F347E}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{E9633208-6BE9-4AD8-B8DD-4344AAAA0093}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{9A8344BF-8EB2-429B-A7AF-06561BF33AC7}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{5203305D-5BB9-4C05-ACE2-4D2DC5C11620}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{011FB4C1-FFF3-4CFF-8819-C0FEED8E1207}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{3B61F93A-8323-4B44-8696-BCCB06ADB0FE}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{710E3CAC-CC82-433D-9350-510D563C0672}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{F986907E-BA35-4770-9535-B90E583EADE2}] => (Allow) C:\Program Files (x86)\Canrain\Application\chrome.exe => No File
FirewallRules: [{E6547A9B-5A5D-42F8-9750-B294B8AB64B0}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe => No File
FirewallRules: [{7A43B53F-7364-4F15-98C1-0C0016BA0CCD}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe => No File
FirewallRules: [{EC825FEC-C416-4D82-AE5A-33E021F0AF26}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{5299B726-523C-4736-A238-44F370AF3F5C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{CA514ED5-B672-4887-9C3F-782A7915DF15}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{2919264E-8CC3-498A-ABF2-0F497B9E982C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{FB6F50D2-E44B-4EB8-A99D-5ABDD8DE0708}] => (Allow) C:\Users\lenovo\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc)
FirewallRules: [{4ADA45AE-890E-4DAE-9C7F-6879BCCE830F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B2A69C6-B4A6-4C02-BDB8-1FCC4E2B9094}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EE86918-02AC-4C34-AD60-23736C5DBEDC}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{2503FAB4-C85F-4F15-B774-131921D78CDD}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{99BE45F8-19D3-45F6-B12F-D04E6EA2A238}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26CCDE3C-5B12-4555-AC96-A0D5184FA65A}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{7BE3C01B-942E-4841-85FA-24CE2BF03D99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-05-2020 10:26:52 Naplánovaný kontrolní bod
24-05-2020 17:50:32 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/24/2020 06:34:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3032,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 06:14:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1812,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 06:00:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3160,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 05:22:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2352,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 05:08:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3280,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 04:21:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7336,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 03:35:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3104,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 03:23:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7940,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (05/24/2020 05:42:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (05/24/2020 05:38:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:25:21, ‎24.‎05.‎2020) bylo neočekávané.

Error: (05/24/2020 04:52:27 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (05/24/2020 04:50:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (05/24/2020 04:45:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:56:18, ‎24.‎05.‎2020) bylo neočekávané.

Error: (05/24/2020 03:51:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (30000 ms).

Error: (05/24/2020 03:02:18 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RGJV2R1O)
Description: Server {ED1D0FDF-4414-470A-A56D-CFB68623FC58} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/24/2020 01:59:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2019-12-17 03:18:12.188
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
ID: 2147741622
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.307.577.0, AS: 1.307.577.0, NIS: 1.307.577.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-09-26 21:30:08.734
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E8DB110F-D609-49B9-91CB-A6F2C0496E3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-26 21:15:14.276
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CA9DFBF0-34E7-4168-96B3-7A4EB1E4368C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-26 20:15:02.597
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0282E3B0-8E86-4AE8-AB06-17DCAA69E696}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-26 18:13:50.987
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {28E034B0-8674-4E58-89AC-D6CFE864EEEE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-20 18:31:48.764
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.701.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-05-24 18:35:15.152
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 18:35:15.147
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 18:34:15.553
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 18:34:15.547
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 18:30:15.090
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 18:30:15.084
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 18:30:15.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 18:30:15.059
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A8CN47WW(V3.00) 07/14/2015
Motherboard: LENOVO Lenovo B50-80
Processor: Intel(R) Pentium(R) CPU 3825U @ 1.90GHz
Percentage of memory in use: 82%
Total physical RAM: 4009.84 MB
Available physical RAM: 711.67 MB
Total Virtual: 8105.84 MB
Available Virtual: 4389.86 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:417.05 GB) (Free:307.81 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:20.98 GB) NTFS

\\?\Volume{a0880f8c-4a61-44ce-8bad-03cc15aebb7b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{a5a9ba3a-a1d4-4b04-9da7-f2538679639e}\ (LENOVO_PART) (Fixed) (Total:21.48 GB) (Free:8.09 GB) NTFS
\\?\Volume{2dbba5b2-4e09-422f-9ee8-fef81e4e7c79}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4C51C248)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[HonzaDC2]

Log z AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-19.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-24-2020
# Duration: 00:01:05
# OS: Windows 10 Home
# Cleaned: 47
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\XLiPlatform
Deleted C:\Users\lenovo\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\ProgramData\log.binb
Deleted C:\ProgramData\log.ewbb
Deleted C:\ProgramData\log.ewbt

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\IRMONITOR

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\9F9D7CB865EACD2C3131922FF5E38FA9
Deleted HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\9F9D7CB865EACD2C3131922FF5E38FA9
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EE02F08-3B11-4F85-8971-6ED157633211}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\irMonitor
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F986907E-BA35-4770-9535-B90E583EADE2}
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\tsckmna
Deleted HKLM\Software\Microsoft\DMunversion
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Wow6432Node\9F9D7CB865EACD2C3131922FF5E38FA9
Deleted HKLM\Software\Wow6432Node\\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

***** [ Chromium (and derivatives) ] *****

Deleted Avira SafeSearch Plus - ipmkfpcnmccejididiaagpgchgjfajgp
Deleted Avira SafeSearch Plus - ipmkfpcnmccejididiaagpgchgjfajgp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoAcceleratorApplication Folder C:\Program Files (x86)\LENOVO\LENOVOPORTAL
Deleted Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Deleted Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\lenovo\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1720B0E0-C520-43A6-B677-97A1D80F3B99}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3FCF0CA-8388-46EF-9E9A-2225A53BD7F8}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
Deleted Preinstalled.LenovoSHAREit Folder C:\Users\lenovo\AppData\Local\LENOVO\SHAREIT
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6092 octets] - [24/05/2020 20:07:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

OK. Dejte nové logy FRST+Addition.

[HonzaDC2]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2020 01
Ran by lenovo (administrator) on LAPTOP-RGJV2R1O (LENOVO 80EW) (24-05-2020 21:05:05)
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LENOVO -> Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Xiaomi Technology Inc -> ) C:\Users\lenovo\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Lenovo Smart Fingerprint] => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1758480 2015-07-10] (LENOVO -> Lenovo) [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\Run: [MiPhoneManager] => C:\Users\lenovo\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] (Xiaomi Technology Inc -> )
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\MountPoints2: {fccf7043-4508-11e6-9bd6-f0761cff62df} - "H:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-10] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9C893A-42CE-4222-B72F-D28E70624D6F} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {19DB8C1D-C9F7-4ED9-BAFF-B94B82DC95B5} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1758480 2015-07-10] (LENOVO -> Lenovo) [File not signed]
Task: {1DF12C8C-41C6-4E9D-9B29-ED48FDA9ECE6} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {2A226519-CB81-4F86-A728-7984D0D2CEFA} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {5773DCC1-E3AA-4632-B978-C84A3FA8D766} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe [1454136 2020-05-13] (Adobe Inc. -> Adobe)
Task: {5AB11F63-99E7-438B-B13C-22E60921BCB1} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {62B2F40F-2D04-4405-B4B8-B0725DE217DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {67F7244F-9420-45C1-9124-609CAC1DA1F0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
Task: {748A3050-FA66-4260-A3B6-0F03A4F2947D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8408957C-20D3-4676-89F3-623949EBFA04} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772552 2020-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {87D4EFD3-7A83-4D7F-976D-9609726ED219} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {929DAA5E-ECDA-4D4C-9866-1F2C27ADC045} - \Lenovo\ImController\TimeBasedEvents\b02e4141-f203-4483-8a09-3e67fc64fc23 -> No File <==== ATTENTION
Task: {92FD2F35-4C83-42C4-9703-F5946AD2B816} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Task: {99C17CB6-05D0-4655-95D7-2ECAC74B13F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {A03EBB9F-F324-4499-9AC7-B820DD9A670E} - System32\Tasks\Atbuphplapuing Manager => C:\Program Files (x86)\Choqoght\perfich.exe
Task: {A49584A0-62CE-4CF4-BFD5-75BA9F9D03FD} - \Lenovo\ImController\TimeBasedEvents\665ebdbc-0057-4bd7-878e-36f3b00b8b6e -> No File <==== ATTENTION
Task: {ABF4AE8E-7EF7-4DBB-ACE2-EAA4805D7470} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124752 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCBE387C-4CC2-4FBD-90F5-A0C92FEF5A0C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {C2B5E4EE-33EA-4009-9417-01AA2C92D557} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {CB08E1D9-65C2-4DDB-A7CA-773236364925} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CF214301-32CB-4190-A484-588941752210} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {D2A34609-EA29-4517-B969-A966D3B58A66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {D2F4A72C-077C-44A8-9DB2-C93AD3DDEB61} - \Lenovo\ImController\TimeBasedEvents\3a399078-146c-4329-9fb1-d9040158d8f4 -> No File <==== ATTENTION
Task: {D3E5ECED-A86F-4D53-B982-E405FE9E346D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124752 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E06F6408-992B-481B-B76B-FC24EB4738D6} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {FAE1E357-9AD1-4449-9A2E-B383F4900BBA} - \Lenovo\ImController\TimeBasedEvents\e1b99a4b-ddc5-4f94-b3cb-4902e2a73f53 -> No File <==== ATTENTION
Task: {FEC20A70-3C19-4F2E-B5AB-DF9469F83EA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772552 2020-05-08] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{b4a3fdb3-28ed-4ddc-8321-0c66ad2703d9}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{b4a3fdb3-28ed-4ddc-8321-0c66ad2703d9}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131400252777839684&GUID=D571825C-C01B-47E7-8492-D4F44B38364D
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
SearchScopes: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-02] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001 -> hxxp://www.google.com

FireFox:
========
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\u377v3de.default [2020-04-27]
FF Homepage: Mozilla\Firefox\Profiles\u377v3de.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\u377v3de.default -> about:newtab
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1139293016-3686136104-1418621097-1001: @kb-ext.cz/PKIComponent -> C:\Users\lenovo\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2020-03-16] (KOMERCNI BANKA A.S. -> Komerční banka, a.s.)

Chrome:
=======
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-05-24]
CHR Notifications: Default -> hxxps://www.letgo.cz; hxxps://www.postazdarma.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Flash Video Downloader) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-05-11]
CHR Extension: (Dokumenty) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-19]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-19]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-13]
CHR Extension: (Tabulky) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Booking.com for Chrome™) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2017-05-20]
CHR Extension: (BMW M Power) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhaolblehplannlbgaldknldolnniep [2017-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-10-21]
CHR Extension: (Cryptoplus KB - podepisovací modul) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldildmkoeoicfkknedfdpjmgjmpkpooc [2020-03-16]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-12]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-12]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-07]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-28]
CHR Extension: (Prezentace) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dokumenty) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Disk Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-07]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-07]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-07]
CHR Extension: (Avast SafePrice) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-27]
CHR Extension: (Tabulky) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-07]
CHR Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-07]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-07]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-27]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-30]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe [72176 2020-04-03] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10612592 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2017-04-23] (Intel(R) pGFX -> Intel Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205880 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234560 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178760 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175704 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [501472 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851592 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460992 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235488 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319120 2020-05-20] (Avast Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] (Malwarebytes Corporation -> )
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [139632 2015-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2019-10-13] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [337920 2017-05-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek Semiconductor Corp -> Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-24 21:05 - 2020-05-24 21:07 - 000028578 _____ C:\Users\lenovo\Desktop\FRST.txt
2020-05-24 20:05 - 2020-05-24 20:11 - 000000000 ____D C:\AdwCleaner
2020-05-24 20:02 - 2020-05-24 20:02 - 000073867 _____ C:\Users\lenovo\Desktop\Untitled Project1988254b.autosave.tscproj
2020-05-24 20:01 - 2020-05-24 20:01 - 008196784 _____ (Malwarebytes) C:\Users\lenovo\Desktop\adwcleaner_8.0.4.exe
2020-05-24 18:47 - 2020-05-24 18:56 - 000000000 ____D C:\Users\lenovo\Desktop\Martan
2020-05-24 18:33 - 2020-05-24 18:36 - 000040458 _____ C:\Users\lenovo\Downloads\Addition.txt
2020-05-24 18:29 - 2020-05-24 21:06 - 000000000 ____D C:\FRST
2020-05-24 18:29 - 2020-05-24 18:36 - 000136695 _____ C:\Users\lenovo\Downloads\FRST.txt
2020-05-24 18:26 - 2020-05-24 18:26 - 002286592 _____ (Farbar) C:\Users\lenovo\Desktop\FRST64.exe
2020-05-24 14:27 - 2020-05-20 20:29 - 000337560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-05-20 20:29 - 2020-05-20 20:29 - 000235488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-05-20 20:29 - 2020-05-20 20:29 - 000175704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-05-17 20:22 - 2020-05-17 20:22 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-17 20:22 - 2020-05-17 20:22 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-05-17 20:22 - 2020-05-17 20:22 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-05-17 20:22 - 2020-05-17 20:22 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 005098352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-05-17 20:21 - 2020-05-17 20:21 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 019851264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 007822888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 006291456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 003513856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-05-17 20:20 - 2020-05-17 20:20 - 002073176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001637376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001556200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000345016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000301064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbroker.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000262848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-05-17 20:20 - 2020-05-17 20:20 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSa.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-05-17 20:20 - 2020-05-17 20:20 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
2020-05-17 20:20 - 2020-05-17 20:20 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-05-17 20:19 - 2020-05-17 20:20 - 004612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 007267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-05-17 20:19 - 2020-05-17 20:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 022638592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-05-17 20:18 - 2020-05-17 20:18 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 001393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000943640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000896000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchangeHost.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-05-17 20:18 - 2020-05-17 20:18 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUxClient.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-05-17 20:18 - 2020-05-17 20:18 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-05-17 20:18 - 2020-05-17 20:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-05-17 20:17 - 2020-05-17 20:17 - 006525936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-05-17 20:17 - 2020-05-17 20:17 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001952872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001214264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000683288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000539184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-05-17 20:17 - 2020-05-17 20:17 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000405424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-05-17 20:17 - 2020-05-17 20:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-05-17 20:17 - 2020-05-17 20:17 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-17 20:17 - 2020-05-17 20:17 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-05-17 20:17 - 2020-05-17 20:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-05-17 20:16 - 2020-05-17 20:17 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 006710272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 005340568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001990576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001975808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001737216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001654952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 001011712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000843576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000792808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000778552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000581544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000197432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeopleAPIs.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbussdapi.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-05-17 20:16 - 2020-05-17 20:16 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 005945856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001510912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001306424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001213440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000777840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000693672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000594472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRClient.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000310928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000260328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000245336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ffbroker.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-17 20:15 - 2020-05-17 20:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-05-17 20:15 - 2020-05-17 20:15 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 009929528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 003807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002736640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001646552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000879064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000752584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000524208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-17 20:14 - 2020-05-17 20:14 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000132712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-17 20:14 - 2020-05-17 20:14 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-17 20:14 - 2020-05-17 20:14 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-05-17 20:14 - 2020-05-17 20:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 006435328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-05-17 20:13 - 2020-05-17 20:13 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposerFramework.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-17 20:13 - 2020-05-17 20:13 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 007902912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 006168576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 005280192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-17 20:12 - 2020-05-17 20:12 - 003655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002854400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002354688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 002072576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001085752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000859944 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000685368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-17 20:12 - 2020-05-17 20:12 - 000547992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000460200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-17 20:12 - 2020-05-17 20:12 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000390968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SwitcherDataModel.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleAPIs.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbussdapi.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-05-17 20:12 - 2020-05-17 20:12 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-17 20:12 - 2020-05-17 20:12 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 009339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-17 20:11 - 2020-05-17 20:11 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 003581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-05-17 20:10 - 2020-05-17 20:10 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 002504440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001391104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001270784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001027816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 001007928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000916768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000819696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-17 20:10 - 2020-05-17 20:10 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000339824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000238904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000088280 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-05-17 20:10 - 2020-05-17 20:10 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-05-17 20:10 - 2020-05-17 20:10 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-17 20:09 - 2020-05-17 20:09 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 002060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000957056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000318680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2020-05-17 20:09 - 2020-05-17 20:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-17 20:08 - 2020-05-17 20:08 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2020-05-17 20:08 - 2020-05-17 20:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-17 20:08 - 2020-05-17 20:08 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-17 20:07 - 2020-05-17 20:08 - 006232568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001745208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-17 20:07 - 2020-05-17 20:07 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000410608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveTask.exe
2020-05-17 20:07 - 2020-05-17 20:07 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-05-17 20:07 - 2020-05-17 20:07 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-17 20:07 - 2020-05-17 20:07 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-05-17 17:56 - 2020-05-17 17:59 - 000000000 ____D C:\Users\lenovo\Desktop\zkouska
2020-05-16 19:59 - 2020-05-24 14:34 - 000000000 ____D C:\Users\lenovo\Desktop\martas foto
2020-05-10 15:03 - 2020-05-10 15:03 - 010310684 _____ C:\Users\lenovo\Desktop\ZPSSlideshow.pdf
2020-04-24 06:34 - 2020-04-24 06:35 - 000004477 _____ C:\Users\lenovo\Downloads\24.04.(1).kpc
2020-04-24 06:29 - 2020-04-24 06:29 - 000002402 _____ C:\Users\lenovo\Downloads\24.04..kpc

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-24 21:03 - 2019-09-25 07:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-24 21:03 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-24 20:16 - 2016-05-25 18:09 - 000000000 __SHD C:\Users\lenovo\IntelGraphicsProfiles
2020-05-24 20:15 - 2019-09-25 07:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-24 20:15 - 2017-06-10 09:47 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-05-24 20:15 - 2017-06-10 09:47 - 000000000 ____D C:\ProgramData\Synaptics
2020-05-24 20:14 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-24 20:13 - 2019-09-25 07:20 - 000000000 ____D C:\Users\lenovo
2020-05-24 20:13 - 2017-05-17 19:11 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-24 20:12 - 2020-03-12 23:37 - 000000000 ____D C:\WINDOWS\Lenovo
2020-05-24 20:12 - 2019-09-25 07:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-05-24 20:12 - 2016-05-25 21:37 - 000000000 ____D C:\Users\lenovo\AppData\Local\Lenovo
2020-05-24 20:12 - 2015-09-16 11:54 - 000000000 ____D C:\ProgramData\Lenovo
2020-05-24 20:12 - 2015-09-16 11:45 - 000000000 ____D C:\Program Files\Lenovo
2020-05-24 20:12 - 2015-09-16 11:40 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-05-24 19:00 - 2016-05-26 00:07 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\vlc
2020-05-24 16:52 - 2019-09-25 07:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-05-24 16:49 - 2017-05-17 19:50 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-05-24 16:49 - 2017-05-17 19:50 - 000002083 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-05-24 16:28 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-24 14:27 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-24 14:09 - 2016-07-31 16:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-20 20:29 - 2020-04-21 06:18 - 000501472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-05-20 20:29 - 2019-01-17 19:09 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-05-20 20:29 - 2019-01-09 20:01 - 000178760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-05-20 20:29 - 2019-01-09 20:01 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-05-20 20:29 - 2019-01-09 20:01 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-05-20 20:29 - 2018-10-17 20:44 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000851592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000460992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000319120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000205880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-05-20 20:29 - 2017-12-10 22:44 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-05-20 20:27 - 2020-03-21 10:03 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139293016-3686136104-1418621097-1001
2020-05-20 20:27 - 2019-09-25 07:51 - 000004864 _____ C:\WINDOWS\system32\Tasks\Atbuphplapuing Manager
2020-05-20 20:27 - 2019-09-25 07:51 - 000003830 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-05-20 20:27 - 2019-09-25 07:51 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-05-20 20:27 - 2019-09-25 07:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-05-20 20:27 - 2019-09-25 07:51 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-20 20:27 - 2019-09-25 07:51 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-20 20:27 - 2019-09-25 07:51 - 000002274 _____ C:\WINDOWS\system32\Tasks\DolbySelectorTask
2020-05-20 20:27 - 2019-09-25 07:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-05-19 17:30 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-19 17:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-19 15:31 - 2019-09-25 07:34 - 001693850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-19 15:31 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-19 15:31 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-19 15:31 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-19 15:30 - 2016-05-27 09:13 - 000000000 ___RD C:\Users\lenovo\3D Objects
2020-05-19 15:30 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-19 15:25 - 2019-09-25 07:07 - 000468368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-17 21:14 - 2019-03-19 06:52 - 000000000 ____D C:\PerfLogs
2020-05-17 20:53 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-17 20:48 - 2016-05-25 20:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-17 20:43 - 2016-05-25 20:46 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-17 20:07 - 2019-09-25 07:13 - 002874880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-05-16 20:07 - 2015-09-16 11:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-13 19:24 - 2019-09-25 07:20 - 000002375 _____ C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-13 19:24 - 2016-05-25 18:13 - 000000000 ___RD C:\Users\lenovo\OneDrive
2020-05-13 19:04 - 2019-11-14 17:37 - 005177912 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-05-13 19:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-13 19:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-10 15:39 - 2017-05-19 00:05 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-10 15:23 - 2017-05-12 20:50 - 000000000 ____D C:\Users\lenovo\AppData\Local\CrashDumps
2020-05-02 16:33 - 2017-12-11 14:08 - 000000000 ____D C:\Users\lenovo\AppData\Local\Packages

==================== Files in the root of some directories ========

2018-12-12 18:47 - 2018-12-12 18:47 - 000003584 _____ () C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[HonzaDC2]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2020 01
Ran by lenovo (24-05-2020 21:09:38)
Running from C:\Users\lenovo\Desktop
Windows 10 Home Version 1903 18362.836 (X64) (2019-09-25 05:52:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1139293016-3686136104-1418621097-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1139293016-3686136104-1418621097-503 - Limited - Disabled)
Guest (S-1-5-21-1139293016-3686136104-1418621097-501 - Limited - Disabled)
lenovo (S-1-5-21-1139293016-3686136104-1418621097-1001 - Administrator - Enabled) => C:\Users\lenovo
WDAGUtilityAccount (S-1-5-21-1139293016-3686136104-1418621097-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20065 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.371 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.1.0.1362 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Camtasia 9 (HKLM\...\{1D09B594-C8B5-4CF1-B927-41D9A487799C}) (Version: 9.0.5.2021 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{00ce4b8c-0138-4743-b0b8-379b2715eb44}) (Version: 9.0.5.2021 - TechSmith Corporation)
CryptoPlus KB v1.0 (HKLM-x32\...\CryptoPlus KB v1.0) (Version: 2.1.8 - Monet+,a.s.)
CryptoPlus KB v1.0 x64 (HKLM\...\CryptoPlus KB v1.0) (Version: 2.1.8 - Monet+,a.s.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.1.100 - EasternGraphics)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{654C49EB-D47E-4319-B719-DEEC73787B51}) (Version: 83.0.4103.2 - Google Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
ISSENEWClient 8.02 - Firefox 6.0.1 (HKLM-x32\...\{7F55769E-39A9-4D48-8018-42865B6244CC}_is1) (Version: - AURA, s.r.o.)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - )
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.44 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Mi PC Suite (HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.12730.20270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.29094 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5 - Jan Adamec)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.289.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.38.21323.0_x64__8wekyb3d8bbwe [2020-05-17] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-26] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics GmbH -> EasternGraphics)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-05-26 18:48 - 2014-09-09 13:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-06 13:18 - 000000342 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18
127.0.0.1 157.56.8.159
127.0.0.1 69.167.144.15
127.0.0.1 updater.techsmith.com
127.0.0.1 camtasiatudi.techsmith.com
127.0.0.1 tsccloud.cloudapp.net
127.0.0.1 assets.cloud.techsmith.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A60BCA35-FFDA-45A8-BC18-F3E2635A1700}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{8091452D-4AAE-4A01-87EE-06D61D1F2978}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [UDP Query User{FE325286-AC90-4548-86A9-506347E50973}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [TCP Query User{DC1DE24C-FAFF-4693-90FD-F35F5CF3F5F2}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{7EE1D345-9E0D-474A-973A-1C4846DC9E41}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{0C8D6D0D-E458-44D0-B06B-763DF4FCD2A5}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{E18A8CEF-7E7C-4771-9AB9-2BAD0E8E40C1}] => (Allow) LPort=8318
FirewallRules: [{73F681E1-1DE3-45F1-9797-651FC789278B}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [{CE854CB2-8407-47DF-97F8-C2AE13D50256}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{55FE5C0C-EA5E-4C5E-ACC5-B55525E76149}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [TCP Query User{B9274B1C-AFFA-4338-84A7-EA3C77632871}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{A0DF7EB8-90CB-49FB-8E0D-C813C7B307BB}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{B87359EE-BB32-4807-9E68-E317BC0A1E42}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{F06F0A0C-418C-4176-AEF4-EBC1025DAB7F}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C0DBA1C5-BE73-4EF2-B903-CC103D749347}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [UDP Query User{29EC61B9-FEE6-4812-821C-5023AB6CECB1}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{D00F2F28-4311-4F28-9B5F-A767BFC44BDC}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C2295A1E-9885-462B-AD8E-B7E952790EBC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{D66DF037-B1C5-4AF2-A6FC-CF8BE86EC4A5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{51A26104-2AF4-44B4-B2A7-2D01BAFEF6EF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{D67416A2-16CB-4492-BCB0-85C8AAAB289F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{AC1BD9AA-25EB-43DD-8C3B-2AB3557FE306}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{BF2DB6BD-41BA-47DE-893E-7AA4DB0237F4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{63B565C4-9829-40FC-9811-D49BF02FF43F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{16EDBE02-BEB0-4733-B9AE-20140F8D8EC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{4641C68F-EDDF-4B56-8623-212C2B335378}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{9C1057F7-0F84-4549-B3F2-7A07702995C3}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{AE1CCA87-819E-44DE-A7C5-AD6BC712EFD9}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{4827AD80-3C3F-470A-998D-157153BB1239}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{7F5FDC4F-6502-45A7-8EFA-BCD9EE79F639}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{86A2D89D-1203-4347-83DF-42199AB0A417}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{D822028E-10AF-4807-BB46-AE4070C796B9}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{843EF7A9-9EA9-4868-9C01-E2D16E1F347E}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{E9633208-6BE9-4AD8-B8DD-4344AAAA0093}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{9A8344BF-8EB2-429B-A7AF-06561BF33AC7}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{5203305D-5BB9-4C05-ACE2-4D2DC5C11620}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{011FB4C1-FFF3-4CFF-8819-C0FEED8E1207}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{3B61F93A-8323-4B44-8696-BCCB06ADB0FE}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{710E3CAC-CC82-433D-9350-510D563C0672}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{E6547A9B-5A5D-42F8-9750-B294B8AB64B0}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe => No File
FirewallRules: [{7A43B53F-7364-4F15-98C1-0C0016BA0CCD}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe => No File
FirewallRules: [{EC825FEC-C416-4D82-AE5A-33E021F0AF26}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{5299B726-523C-4736-A238-44F370AF3F5C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{CA514ED5-B672-4887-9C3F-782A7915DF15}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{2919264E-8CC3-498A-ABF2-0F497B9E982C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{FB6F50D2-E44B-4EB8-A99D-5ABDD8DE0708}] => (Allow) C:\Users\lenovo\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc)
FirewallRules: [{4ADA45AE-890E-4DAE-9C7F-6879BCCE830F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B2A69C6-B4A6-4C02-BDB8-1FCC4E2B9094}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EE86918-02AC-4C34-AD60-23736C5DBEDC}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{2503FAB4-C85F-4F15-B774-131921D78CDD}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{99BE45F8-19D3-45F6-B12F-D04E6EA2A238}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26CCDE3C-5B12-4555-AC96-A0D5184FA65A}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{7BE3C01B-942E-4841-85FA-24CE2BF03D99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-05-2020 10:26:52 Naplánovaný kontrolní bod
24-05-2020 17:50:32 Naplánovaný kontrolní bod
24-05-2020 20:10:10 AdwCleaner_BeforeCleaning_24/05/2020_20:10:08

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/24/2020 08:54:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10464,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 08:44:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5800,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 08:35:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3108,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/24/2020 08:13:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/24/2020 08:13:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/24/2020 08:13:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/24/2020 08:13:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/24/2020 08:08:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3880,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (05/24/2020 08:30:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/24/2020 08:20:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (05/24/2020 08:18:56 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/24/2020 08:18:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/24/2020 08:18:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) Rapid Storage Technology bylo dosaženo časového limitu (30000 ms).

Error: (05/24/2020 08:16:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/24/2020 08:16:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/24/2020 08:15:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2019-12-17 03:18:12.188
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
ID: 2147741622
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.307.577.0, AS: 1.307.577.0, NIS: 1.307.577.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-09-26 21:30:08.734
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E8DB110F-D609-49B9-91CB-A6F2C0496E3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-26 21:15:14.276
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CA9DFBF0-34E7-4168-96B3-7A4EB1E4368C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-26 20:15:02.597
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0282E3B0-8E86-4AE8-AB06-17DCAA69E696}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-26 18:13:50.987
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {28E034B0-8674-4E58-89AC-D6CFE864EEEE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-20 18:31:48.764
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.701.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-05-24 21:09:19.270
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 21:09:19.264
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 21:09:19.236
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 21:09:19.230
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 21:08:19.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 21:08:19.214
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 21:05:15.027
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-24 21:05:15.021
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A8CN47WW(V3.00) 07/14/2015
Motherboard: LENOVO Lenovo B50-80
Processor: Intel(R) Pentium(R) CPU 3825U @ 1.90GHz
Percentage of memory in use: 59%
Total physical RAM: 4009.84 MB
Available physical RAM: 1623.55 MB
Total Virtual: 8105.84 MB
Available Virtual: 4759.23 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:417.05 GB) (Free:307.15 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:20.98 GB) NTFS

\\?\Volume{a0880f8c-4a61-44ce-8bad-03cc15aebb7b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{a5a9ba3a-a1d4-4b04-9da7-f2538679639e}\ (LENOVO_PART) (Fixed) (Total:21.48 GB) (Free:8.09 GB) NTFS
\\?\Volume{2dbba5b2-4e09-422f-9ee8-fef81e4e7c79}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4C51C248)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Classes\regfile: regedit.exe "%1"
FirewallRules: [{A60BCA35-FFDA-45A8-BC18-F3E2635A1700}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{8091452D-4AAE-4A01-87EE-06D61D1F2978}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [UDP Query User{FE325286-AC90-4548-86A9-506347E50973}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [TCP Query User{DC1DE24C-FAFF-4693-90FD-F35F5CF3F5F2}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{7EE1D345-9E0D-474A-973A-1C4846DC9E41}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{0C8D6D0D-E458-44D0-B06B-763DF4FCD2A5}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{73F681E1-1DE3-45F1-9797-651FC789278B}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [{CE854CB2-8407-47DF-97F8-C2AE13D50256}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{55FE5C0C-EA5E-4C5E-ACC5-B55525E76149}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [TCP Query User{B9274B1C-AFFA-4338-84A7-EA3C77632871}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{A0DF7EB8-90CB-49FB-8E0D-C813C7B307BB}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{B87359EE-BB32-4807-9E68-E317BC0A1E42}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{F06F0A0C-418C-4176-AEF4-EBC1025DAB7F}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C0DBA1C5-BE73-4EF2-B903-CC103D749347}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [UDP Query User{29EC61B9-FEE6-4812-821C-5023AB6CECB1}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{D00F2F28-4311-4F28-9B5F-A767BFC44BDC}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C2295A1E-9885-462B-AD8E-B7E952790EBC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{D66DF037-B1C5-4AF2-A6FC-CF8BE86EC4A5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{51A26104-2AF4-44B4-B2A7-2D01BAFEF6EF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{D67416A2-16CB-4492-BCB0-85C8AAAB289F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{AC1BD9AA-25EB-43DD-8C3B-2AB3557FE306}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{BF2DB6BD-41BA-47DE-893E-7AA4DB0237F4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{63B565C4-9829-40FC-9811-D49BF02FF43F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{16EDBE02-BEB0-4733-B9AE-20140F8D8EC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{7F5FDC4F-6502-45A7-8EFA-BCD9EE79F639}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{86A2D89D-1203-4347-83DF-42199AB0A417}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{D822028E-10AF-4807-BB46-AE4070C796B9}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{843EF7A9-9EA9-4868-9C01-E2D16E1F347E}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{E9633208-6BE9-4AD8-B8DD-4344AAAA0093}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{9A8344BF-8EB2-429B-A7AF-06561BF33AC7}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{5203305D-5BB9-4C05-ACE2-4D2DC5C11620}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{011FB4C1-FFF3-4CFF-8819-C0FEED8E1207}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{3B61F93A-8323-4B44-8696-BCCB06ADB0FE}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{710E3CAC-CC82-433D-9350-510D563C0672}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{E6547A9B-5A5D-42F8-9750-B294B8AB64B0}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe => No File
FirewallRules: [{7A43B53F-7364-4F15-98C1-0C0016BA0CCD}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe => No File
FirewallRules: [{EC825FEC-C416-4D82-AE5A-33E021F0AF26}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{5299B726-523C-4736-A238-44F370AF3F5C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{CA514ED5-B672-4887-9C3F-782A7915DF15}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{2919264E-8CC3-498A-ABF2-0F497B9E982C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\MountPoints2: {fccf7043-4508-11e6-9bd6-f0761cff62df} - "H:\SETUP.EXE"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0A9C893A-42CE-4222-B72F-D28E70624D6F} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {2A226519-CB81-4F86-A728-7984D0D2CEFA} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {62B2F40F-2D04-4405-B4B8-B0725DE217DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {929DAA5E-ECDA-4D4C-9866-1F2C27ADC045} - \Lenovo\ImController\TimeBasedEvents\b02e4141-f203-4483-8a09-3e67fc64fc23 -> No File <==== ATTENTION
Task: {A49584A0-62CE-4CF4-BFD5-75BA9F9D03FD} - \Lenovo\ImController\TimeBasedEvents\665ebdbc-0057-4bd7-878e-36f3b00b8b6e -> No File <==== ATTENTION
Task: {C2B5E4EE-33EA-4009-9417-01AA2C92D557} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {CB08E1D9-65C2-4DDB-A7CA-773236364925} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CF214301-32CB-4190-A484-588941752210} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {D2A34609-EA29-4517-B969-A966D3B58A66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {D2F4A72C-077C-44A8-9DB2-C93AD3DDEB61} - \Lenovo\ImController\TimeBasedEvents\3a399078-146c-4329-9fb1-d9040158d8f4 -> No File <==== ATTENTION
Task: {FAE1E357-9AD1-4449-9A2E-B383F4900BBA} - \Lenovo\ImController\TimeBasedEvents\e1b99a4b-ddc5-4f94-b3cb-4902e2a73f53 -> No File <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[HonzaDC2]

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2020 01
Ran by lenovo (25-05-2020 10:23:51) Run:1
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Classes\regfile: regedit.exe "%1"
FirewallRules: [{A60BCA35-FFDA-45A8-BC18-F3E2635A1700}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{8091452D-4AAE-4A01-87EE-06D61D1F2978}] => (Block) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [UDP Query User{FE325286-AC90-4548-86A9-506347E50973}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [TCP Query User{DC1DE24C-FAFF-4693-90FD-F35F5CF3F5F2}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe] => (Allow) C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe => No File
FirewallRules: [{7EE1D345-9E0D-474A-973A-1C4846DC9E41}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{0C8D6D0D-E458-44D0-B06B-763DF4FCD2A5}] => (Allow) C:\Users\lenovo\AppData\Local\Temp\andy-x64\Setup.exe => No File
FirewallRules: [{73F681E1-1DE3-45F1-9797-651FC789278B}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [{CE854CB2-8407-47DF-97F8-C2AE13D50256}] => (Block) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{55FE5C0C-EA5E-4C5E-ACC5-B55525E76149}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [TCP Query User{B9274B1C-AFFA-4338-84A7-EA3C77632871}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe] => (Allow) C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe => No File
FirewallRules: [UDP Query User{A0DF7EB8-90CB-49FB-8E0D-C813C7B307BB}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{B87359EE-BB32-4807-9E68-E317BC0A1E42}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{F06F0A0C-418C-4176-AEF4-EBC1025DAB7F}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C0DBA1C5-BE73-4EF2-B903-CC103D749347}] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [UDP Query User{29EC61B9-FEE6-4812-821C-5023AB6CECB1}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{D00F2F28-4311-4F28-9B5F-A767BFC44BDC}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [{C2295A1E-9885-462B-AD8E-B7E952790EBC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{D66DF037-B1C5-4AF2-A6FC-CF8BE86EC4A5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe => No File
FirewallRules: [{51A26104-2AF4-44B4-B2A7-2D01BAFEF6EF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{D67416A2-16CB-4492-BCB0-85C8AAAB289F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe => No File
FirewallRules: [{AC1BD9AA-25EB-43DD-8C3B-2AB3557FE306}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{BF2DB6BD-41BA-47DE-893E-7AA4DB0237F4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{63B565C4-9829-40FC-9811-D49BF02FF43F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{16EDBE02-BEB0-4733-B9AE-20140F8D8EC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{7F5FDC4F-6502-45A7-8EFA-BCD9EE79F639}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{86A2D89D-1203-4347-83DF-42199AB0A417}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{D822028E-10AF-4807-BB46-AE4070C796B9}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{843EF7A9-9EA9-4868-9C01-E2D16E1F347E}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe => No File
FirewallRules: [{E9633208-6BE9-4AD8-B8DD-4344AAAA0093}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{9A8344BF-8EB2-429B-A7AF-06561BF33AC7}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{5203305D-5BB9-4C05-ACE2-4D2DC5C11620}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{011FB4C1-FFF3-4CFF-8819-C0FEED8E1207}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe => No File
FirewallRules: [{3B61F93A-8323-4B44-8696-BCCB06ADB0FE}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{710E3CAC-CC82-433D-9350-510D563C0672}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat => No File
FirewallRules: [{E6547A9B-5A5D-42F8-9750-B294B8AB64B0}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe => No File
FirewallRules: [{7A43B53F-7364-4F15-98C1-0C0016BA0CCD}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe => No File
FirewallRules: [{EC825FEC-C416-4D82-AE5A-33E021F0AF26}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{5299B726-523C-4736-A238-44F370AF3F5C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{CA514ED5-B672-4887-9C3F-782A7915DF15}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{2919264E-8CC3-498A-ABF2-0F497B9E982C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\MountPoints2: {fccf7043-4508-11e6-9bd6-f0761cff62df} - "H:\SETUP.EXE"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0A9C893A-42CE-4222-B72F-D28E70624D6F} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {2A226519-CB81-4F86-A728-7984D0D2CEFA} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {62B2F40F-2D04-4405-B4B8-B0725DE217DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {929DAA5E-ECDA-4D4C-9866-1F2C27ADC045} - \Lenovo\ImController\TimeBasedEvents\b02e4141-f203-4483-8a09-3e67fc64fc23 -> No File <==== ATTENTION
Task: {A49584A0-62CE-4CF4-BFD5-75BA9F9D03FD} - \Lenovo\ImController\TimeBasedEvents\665ebdbc-0057-4bd7-878e-36f3b00b8b6e -> No File <==== ATTENTION
Task: {C2B5E4EE-33EA-4009-9417-01AA2C92D557} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {CB08E1D9-65C2-4DDB-A7CA-773236364925} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CF214301-32CB-4190-A484-588941752210} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {D2A34609-EA29-4517-B969-A966D3B58A66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-19] (Google Inc -> Google Inc.)
Task: {D2F4A72C-077C-44A8-9DB2-C93AD3DDEB61} - \Lenovo\ImController\TimeBasedEvents\3a399078-146c-4329-9fb1-d9040158d8f4 -> No File <==== ATTENTION
Task: {FAE1E357-9AD1-4449-9A2E-B383F4900BBA} - \Lenovo\ImController\TimeBasedEvents\e1b99a4b-ddc5-4f94-b3cb-4902e2a73f53 -> No File <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Software\Classes\regfile => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A60BCA35-FFDA-45A8-BC18-F3E2635A1700}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8091452D-4AAE-4A01-87EE-06D61D1F2978}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FE325286-AC90-4548-86A9-506347E50973}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC1DE24C-FAFF-4693-90FD-F35F5CF3F5F2}C:\program files (x86)\mirrorop receiver\mirrorop receiver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EE1D345-9E0D-474A-973A-1C4846DC9E41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C8D6D0D-E458-44D0-B06B-763DF4FCD2A5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73F681E1-1DE3-45F1-9797-651FC789278B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE854CB2-8407-47DF-97F8-C2AE13D50256}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{55FE5C0C-EA5E-4C5E-ACC5-B55525E76149}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B9274B1C-AFFA-4338-84A7-EA3C77632871}C:\users\lenovo\appdata\local\apps\2.0\oe7652r2.1t6\pdx8m5rv.nvp\sich..tion_dd8fea481d87ab9c_0003.0000_d7234a5a5ac46b11\sichbopvr.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A0DF7EB8-90CB-49FB-8E0D-C813C7B307BB}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B87359EE-BB32-4807-9E68-E317BC0A1E42}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F06F0A0C-418C-4176-AEF4-EBC1025DAB7F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0DBA1C5-BE73-4EF2-B903-CC103D749347}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{29EC61B9-FEE6-4812-821C-5023AB6CECB1}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D00F2F28-4311-4F28-9B5F-A767BFC44BDC}C:\program files\windowsapps\xbmcfoundation.kodi_17.3.7.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2295A1E-9885-462B-AD8E-B7E952790EBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D66DF037-B1C5-4AF2-A6FC-CF8BE86EC4A5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51A26104-2AF4-44B4-B2A7-2D01BAFEF6EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D67416A2-16CB-4492-BCB0-85C8AAAB289F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC1BD9AA-25EB-43DD-8C3B-2AB3557FE306}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BF2DB6BD-41BA-47DE-893E-7AA4DB0237F4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63B565C4-9829-40FC-9811-D49BF02FF43F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16EDBE02-BEB0-4733-B9AE-20140F8D8EC7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F5FDC4F-6502-45A7-8EFA-BCD9EE79F639}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86A2D89D-1203-4347-83DF-42199AB0A417}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D822028E-10AF-4807-BB46-AE4070C796B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{843EF7A9-9EA9-4868-9C01-E2D16E1F347E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9633208-6BE9-4AD8-B8DD-4344AAAA0093}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A8344BF-8EB2-429B-A7AF-06561BF33AC7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5203305D-5BB9-4C05-ACE2-4D2DC5C11620}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{011FB4C1-FFF3-4CFF-8819-C0FEED8E1207}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B61F93A-8323-4B44-8696-BCCB06ADB0FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{710E3CAC-CC82-433D-9350-510D563C0672}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6547A9B-5A5D-42F8-9750-B294B8AB64B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A43B53F-7364-4F15-98C1-0C0016BA0CCD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC825FEC-C416-4D82-AE5A-33E021F0AF26}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5299B726-523C-4736-A238-44F370AF3F5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA514ED5-B672-4887-9C3F-782A7915DF15}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2919264E-8CC3-498A-ABF2-0F497B9E982C}" => removed successfully
hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen => Error: No automatic fix found for this entry.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fccf7043-4508-11e6-9bd6-f0761cff62df} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A9C893A-42CE-4222-B72F-D28E70624D6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A9C893A-42CE-4222-B72F-D28E70624D6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A226519-CB81-4F86-A728-7984D0D2CEFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A226519-CB81-4F86-A728-7984D0D2CEFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62B2F40F-2D04-4405-B4B8-B0725DE217DC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62B2F40F-2D04-4405-B4B8-B0725DE217DC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{929DAA5E-ECDA-4D4C-9866-1F2C27ADC045}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{929DAA5E-ECDA-4D4C-9866-1F2C27ADC045}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\b02e4141-f203-4483-8a09-3e67fc64fc23" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A49584A0-62CE-4CF4-BFD5-75BA9F9D03FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A49584A0-62CE-4CF4-BFD5-75BA9F9D03FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\665ebdbc-0057-4bd7-878e-36f3b00b8b6e" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2B5E4EE-33EA-4009-9417-01AA2C92D557} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2B5E4EE-33EA-4009-9417-01AA2C92D557} => removed successfully
C:\WINDOWS\System32\Tasks\DolbySelectorTask => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB08E1D9-65C2-4DDB-A7CA-773236364925}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB08E1D9-65C2-4DDB-A7CA-773236364925}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CF214301-32CB-4190-A484-588941752210}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF214301-32CB-4190-A484-588941752210}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2A34609-EA29-4517-B969-A966D3B58A66}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2A34609-EA29-4517-B969-A966D3B58A66}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2F4A72C-077C-44A8-9DB2-C93AD3DDEB61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2F4A72C-077C-44A8-9DB2-C93AD3DDEB61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\3a399078-146c-4329-9fb1-d9040158d8f4" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAE1E357-9AD1-4449-9A2E-B383F4900BBA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAE1E357-9AD1-4449-9A2E-B383F4900BBA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e1b99a4b-ddc5-4f94-b3cb-4902e2a73f53" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 344850356 B
Java, Flash, Steam htmlcache => 696 B
Windows/system/drivers => 3273071 B
Edge => 1764680 B
Chrome => 363406015 B
Firefox => 7745945 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 152276 B
NetworkService => 5383980 B
lenovo => 41570729 B

RecycleBin => 174547 B
EmptyTemp: => 743 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:28:25 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[HonzaDC2]

Super, je o 1000% rychlejší a o něco lépe si poradí s problémovým programem. Mockrát děkuji

[Rudy]

Rádo se stalo!