Prosím o preventivní kontrolu logu. FRST

[chikoryba]

Dobrý večer pánové (a dámy).

Moc prosím o kontrolu logu, poslední dobou nemám vůbec dobrý pocit z notebooku. Jsem zvědav, jestli se moje neblahé tušení projeví.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020
Ran by Michal (administrator) on RYBA (Hewlett-Packard HP 350 G2) (26-02-2020 22:47:16)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal & Mamina)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12002.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.133.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20011.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466960 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1169880 2014-09-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91511144 2020-01-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\SEISMO~1.SCR
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.122\Installer\chrmstp.exe [2020-02-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-09-02] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E66EC4F-4116-4F19-98AC-278F50217183} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0EEB9A1C-DFE5-423D-AECA-082D251DBCF6} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {11E019A3-7FBA-4418-A614-1589C37DC7A2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {14113A54-12C6-4A24-B544-804447AA4256} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1891926E-817F-4D86-B229-3BAE6FB98FFF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {20EBDB21-98CE-4162-8C53-DEDB28D1D0AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {229EB9FF-0F79-44DE-99D0-5C07086A597F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [545080 2014-08-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {28AB2EA2-A4F3-4FD2-94D8-1C9C1D795DEB} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-09-02] (CyberLink Corp. -> CyberLink Corp.)
Task: {28FFB77F-BEC4-40B6-B2D9-1048ED0CD573} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {33EB5F1D-E5B8-4E09-AE48-885CEBE2DE4F} - System32\Tasks\SystemSettingss => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\WOW6432Node\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {389F14DA-25F4-41F7-B068-8F2EF89B09E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-22] (Google Inc -> Google Inc.)
Task: {4571B6EB-14F6-4DDB-AEA9-2A99725693D9} - System32\Tasks\HPCeeScheduleForMichal => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [95800 2011-07-15] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {59A04B62-1808-43FC-90C3-DF2F5F6CC914} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5E035BFB-51C2-4ABA-912F-7ADB3D389C32} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5E504DF8-A739-47C0-BD5F-8E86C220497A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [88120 2016-02-18] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {5F8DC1EA-9EE2-4AE0-B8A5-0EA9C6CADA2D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {76E0D64F-FD07-4E33-AADE-B3B292FF0F16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [208760 2018-06-27] (HP Inc. -> HP Inc.)
Task: {7BF07046-6D69-4CD6-A5D0-4B7FC0CAD2C5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {80E183E6-F78D-42EE-92FD-A4A13D4BB897} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8D6F4E05-EFAF-4C31-A792-F92DBD1C9639} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-22] (Google Inc -> Google Inc.)
Task: {8D79EEC8-44D1-449E-8E27-CBFA81E2C47E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8EF5AFB4-6E9D-45BF-8E9C-53C37C48F2A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8F708773-C599-40ED-9DA1-2DBF98CE2D3E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {8FDADCB4-14BB-4ED9-AFDA-8EF52B9E748B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {9340A28F-2EE8-476A-85F3-9EF16693EF4E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9E542791-F97A-4C0A-B5BC-D78887354A8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A195E130-D903-4571-892A-FD0F1BBC18DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {BBC1BB12-5517-415C-924B-9AB267428391} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C80225A4-C0FB-4ADA-AD99-6E09607FD619} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CBC3A65B-81BA-4D95-BE3A-FFE99863B57C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D6F92BF3-3852-49FD-A7B2-02944E203806} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E30FBE16-3FF9-4403-AC56-6EF1803B96EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [545080 2014-08-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {EA46B3AB-EB24-47EF-B856-8FAE9AEDC9EF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F7ABB7EA-FB37-4733-99A7-FF06560DED0C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {FBF04E67-E5F8-484D-B787-20334305590B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {FD545351-8BB6-4640-B4EC-A1532949D117} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {FDFA13B1-0B59-499C-9FE8-A610DD9FE0DE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {FF2A2907-F23E-43C2-B536-33EFA547B943} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForMichal.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b0528dd8-667c-4a56-965b-dfaf08ba581d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM-x32 -> {D1610673-605F-4DA5-B0AF-DB7C0478B484} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3507090519-2906103732-331209134-1001 -> {D1610673-605F-4DA5-B0AF-DB7C0478B484} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-02-22] (McAfee, LLC -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-02-22] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-02-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2020-02-26]
CHR Notifications: Default -> hxxps://chairgaubsy.com; hxxps://cz.pinterest.com; hxxps://www.mall.tv; hxxps://www.topserialy.to; hxxps://y99.in
CHR HomePage: Default -> hxxps://google.com/
CHR Extension: (Prezentace) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Flash Video Downloader) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-10-04]
CHR Extension: (Dokumenty) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabulky) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-02-22]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2019-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] (Realtek Semiconductor Corp -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [58280 2015-11-16] (Intel(R) SBA -> Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [920656 2020-02-22] (McAfee, LLC -> McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-10-26] (Even Balance, Inc. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [295440 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [726600 2019-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTKVHD64.sys [4454928 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R1 MpKsldb1c577f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37BB8955-95F1-462C-B826-ACC48FAA4D03}\MpKsldb1c577f.sys [58120 2020-02-19] (Microsoft Corporation -> Microsoft Corporation)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [796560 2019-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9607464 2019-03-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-11] (Synaptics Incorporated -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S2 npf; \??\C:\WINDOWS\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-26 22:47 - 2020-02-26 22:50 - 000033662 _____ C:\Users\Michal\Desktop\FRST.txt
2020-02-26 22:46 - 2020-02-26 22:49 - 000000000 ____D C:\FRST
2020-02-26 22:44 - 2020-02-26 22:44 - 002279424 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2020-02-26 16:11 - 2020-02-26 16:11 - 002177512 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Michal\Downloads\PokerStarsInstallUK.exe
2020-02-25 23:39 - 2020-02-25 23:39 - 000000003 _____ C:\WINDOWS\Systemcall.exe
2020-02-24 18:40 - 2020-02-24 18:51 - 000000000 ____D C:\Users\Michal\AppData\LocalLow\uTorrent
2020-02-24 18:31 - 2020-02-24 19:15 - 000000000 ____D C:\Users\Michal\Downloads\6 Underground (2019) [WEBRip] [1080p] [YTS.LT]
2020-02-24 18:26 - 2020-02-24 18:26 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-02-24 00:22 - 2020-02-24 00:22 - 000000000 ____D C:\Users\Michal\Downloads\The.Good.Doctor.S02E13.HDTV.x264-KILLERS[ettv]
2020-02-17 00:15 - 2020-02-17 01:17 - 1005789034 _____ C:\Users\Michal\Downloads\show-must-go-on-4-graffiti-dvdrip-x264-getback-pres-MultiLoad.cz.mp4
2020-02-14 09:46 - 2020-02-26 16:09 - 000000000 ____D C:\Users\Michal\AppData\Local\Deployment
2020-02-14 00:44 - 2020-02-03 20:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-14 00:44 - 2020-02-03 20:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-14 00:38 - 2020-02-14 00:38 - 000000000 ____D C:\ProgramData\ssh
2020-02-13 23:31 - 2020-02-13 23:31 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 019813376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-13 23:31 - 2020-02-13 23:31 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-13 23:31 - 2020-02-13 23:31 - 002493720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 002314952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-13 23:31 - 2020-02-13 23:31 - 001489064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-13 23:31 - 2020-02-13 23:31 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 018026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 006519752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 006284800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 005912064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 004856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 004575232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 004348616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 003484672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-13 23:30 - 2020-02-13 23:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-02-13 23:30 - 2020-02-13 23:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-02-13 23:30 - 2020-02-13 23:30 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 002260176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 002225160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 002032128 _____ C:\WINDOWS\system32\rdpnano.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001693184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001283592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-13 23:30 - 2020-02-13 23:30 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001218120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-13 23:30 - 2020-02-13 23:30 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-13 23:30 - 2020-02-13 23:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-02-13 23:30 - 2020-02-13 23:30 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-13 23:30 - 2020-02-13 23:30 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-13 23:30 - 2020-02-13 23:30 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-02-13 23:30 - 2020-02-13 23:30 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-02-13 23:30 - 2020-02-13 23:30 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000042512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-02-13 23:30 - 2020-02-13 23:30 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-02-13 23:30 - 2020-02-13 23:30 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-02-13 23:30 - 2020-02-13 23:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-13 23:29 - 2020-02-13 23:29 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 009929016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 007905208 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 006167552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 004615376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 004562896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 003967888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 003792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 003550208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 003372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002988552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002773776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002766088 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002084576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001858560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-13 23:29 - 2020-02-13 23:29 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001664680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-13 23:29 - 2020-02-13 23:29 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000928120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000875448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-13 23:29 - 2020-02-13 23:29 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-02-13 23:29 - 2020-02-13 23:29 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000459896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000128528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000106808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-02-13 23:29 - 2020-02-13 23:29 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-02-13 23:29 - 2020-02-13 23:29 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-02-13 23:29 - 2020-02-13 23:29 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-02-13 23:28 - 2020-02-13 23:29 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-13 23:28 - 2020-02-13 23:28 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-13 23:28 - 2020-02-13 23:28 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-02-13 23:28 - 2020-02-13 23:28 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-02-13 23:28 - 2020-02-13 23:28 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-02-13 23:28 - 2020-02-13 23:28 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-13 23:28 - 2020-02-13 23:28 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-02-13 23:00 - 2020-01-16 05:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-02-13 23:00 - 2020-01-16 04:23 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-02-11 09:06 - 2020-02-11 09:09 - 001295910 _____ C:\Users\Michal\Documents\IMG_20200211_0001.pdf
2020-02-10 17:04 - 2020-02-15 11:36 - 000000000 ____D C:\Users\Michal\Desktop\Ověření pokerstars
2020-02-06 00:19 - 2020-02-06 00:19 - 000000000 ____D C:\ProgramData\IObit
2020-02-05 12:53 - 2020-02-05 12:53 - 000001898 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
2020-02-05 12:53 - 2020-02-05 12:53 - 000001898 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
2020-02-05 12:53 - 2020-02-05 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2020-02-05 12:47 - 2020-02-05 12:47 - 000000000 ____D C:\Program Files (x86)\Activision
2020-02-05 12:37 - 2020-02-05 12:37 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2020-02-05 12:37 - 2020-02-05 12:37 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2020-02-05 12:37 - 2020-02-05 12:37 - 000000841 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2020-02-05 12:37 - 2020-02-05 12:37 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2020-02-05 12:37 - 2020-02-05 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2020-02-05 12:36 - 2020-02-05 12:37 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2020-02-05 12:16 - 2020-02-05 13:52 - 000000000 ____D C:\Users\Michal\Desktop\CoD 2 (Fragmovie)
2020-02-05 12:03 - 2020-02-05 12:03 - 000000000 ____D C:\Users\Michal\Apple
2020-02-05 11:48 - 2020-02-05 11:48 - 000000000 ____D C:\ProgramData\Apple Computer
2020-02-05 10:54 - 2020-02-05 12:10 - 000000000 ____D C:\Users\Michal\Downloads\Call of Duty 2
2020-01-31 00:40 - 2020-01-31 00:40 - 000000000 ____D C:\Users\Michal\Desktop\received_10208834434840651.jpeg
2020-01-30 12:07 - 2020-01-30 12:07 - 000000000 ____D C:\Users\Michal\Downloads\Horgasm

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-26 22:48 - 2019-08-17 00:04 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{CABECE84-86C6-43C6-8717-6B4734068859}
2020-02-26 22:40 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-26 22:21 - 2019-08-16 23:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-26 18:13 - 2020-01-08 13:04 - 000000000 ____D C:\Program Files (x86)\PokerStars.UK
2020-02-26 18:13 - 2019-03-09 10:03 - 000000000 ____D C:\Users\Michal\AppData\Local\PokerStars.CZ
2020-02-26 17:44 - 2020-01-08 13:04 - 000000000 ____D C:\Users\Michal\AppData\Local\PokerStars.UK
2020-02-26 16:03 - 2019-03-09 10:03 - 000000000 ____D C:\Program Files (x86)\PokerStars.CZ
2020-02-26 15:58 - 2015-10-15 16:44 - 000000000 ____D C:\Users\Michal\AppData\Roaming\uTorrent
2020-02-26 15:57 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-26 15:33 - 2017-04-17 14:34 - 000001279 _____ C:\Users\Michal\Desktop\Nový textový dokument.txt
2020-02-26 14:43 - 2019-08-17 00:04 - 000003242 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForMichal
2020-02-26 14:43 - 2019-05-24 15:39 - 000000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMichal.job
2020-02-26 12:37 - 2020-01-16 03:07 - 000000000 ____D C:\Users\Michal\Documents\Youcam
2020-02-26 12:34 - 2017-07-18 17:18 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-02-26 12:34 - 2015-10-15 10:58 - 000000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2020-02-26 00:04 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-26 00:04 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-26 00:03 - 2017-12-01 14:51 - 000000000 ____D C:\Users\Michal\AppData\Local\Packages
2020-02-24 22:31 - 2015-10-22 16:50 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-24 18:40 - 2019-05-09 19:41 - 000000000 ____D C:\Users\Michal\AppData\Local\BitTorrentHelper
2020-02-24 18:30 - 2015-10-15 16:28 - 000000000 ____D C:\Users\Michal\Downloads\Torrents
2020-02-21 12:44 - 2019-12-01 12:31 - 000010378 _____ C:\Users\Michal\Desktop\pw.xlsx
2020-02-20 00:16 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-19 23:00 - 2019-11-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-02-19 11:08 - 2019-08-16 23:52 - 001843996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-19 11:08 - 2019-03-19 11:55 - 000752246 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-19 11:08 - 2019-03-19 11:55 - 000162686 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-19 11:03 - 2019-08-17 00:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-19 11:02 - 2019-03-19 04:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-02-14 10:26 - 2020-01-08 19:00 - 000000000 ____D C:\Users\Michal\Downloads\Knives.Out.2019.DVDScr.XVID.AC3.HQ.Hive-CM8
2020-02-14 00:45 - 2017-12-01 15:17 - 000000000 ___RD C:\Users\Michal\3D Objects
2020-02-14 00:45 - 2015-10-15 09:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-14 00:42 - 2019-08-16 23:29 - 005208232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-14 00:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-14 00:38 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\servicing
2020-02-14 00:02 - 2015-10-22 17:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-13 23:44 - 2015-10-22 17:27 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-11 09:09 - 2019-11-25 14:14 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-02-10 16:18 - 2018-05-23 00:09 - 000000000 ____D C:\Users\Michal\AppData\Local\PlaceholderTileLogoFolder
2020-02-10 15:02 - 2019-08-17 00:04 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3507090519-2906103732-331209134-1001
2020-02-10 15:01 - 2019-08-16 23:40 - 000002406 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-10 15:01 - 2015-10-15 11:07 - 000000000 ___RD C:\Users\Michal\OneDrive
2020-02-08 01:57 - 2020-01-22 12:55 - 000000000 ____D C:\Users\Michal\Downloads\Gemini Man (2019) [WEBRip] [1080p] [YTS.LT]
2020-02-07 01:07 - 2019-02-20 17:44 - 000000000 ____D C:\Users\Michal\AppData\Local\D3DSCache
2020-02-06 00:17 - 2019-08-16 23:40 - 000000000 ____D C:\Users\Michal
2020-02-06 00:07 - 2017-07-18 17:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2020-02-06 00:07 - 2015-06-06 13:30 - 000000000 ____D C:\ProgramData\CyberLink
2020-02-06 00:07 - 2015-06-06 13:29 - 000000000 ____D C:\Program Files (x86)\CyberLink
2020-02-06 00:07 - 2014-11-21 21:30 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-02-06 00:02 - 2014-11-21 21:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2020-02-05 23:13 - 2017-09-01 11:31 - 000000000 ____D C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2020-02-05 22:33 - 2017-09-08 17:24 - 000000000 ____D C:\Counter-Strike 1.6
2020-02-05 22:31 - 2019-08-17 00:04 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-02-05 12:53 - 2015-10-16 23:09 - 000000293 _____ C:\WINDOWS\game.ini
2020-02-05 12:37 - 2017-09-01 11:30 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2020-02-05 11:49 - 2017-12-01 14:48 - 000000000 ____D C:\ProgramData\Apple
2020-02-05 11:47 - 2018-07-10 09:49 - 000000000 ____D C:\ProgramData\Packages
2020-02-05 10:05 - 2019-08-17 00:04 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 10:05 - 2019-08-17 00:04 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-30 11:11 - 2020-01-22 23:04 - 000000000 ____D C:\Users\Michal\Downloads\Alpha (2018) [BluRay] [1080p] [YTS.AM]
2020-01-29 00:04 - 2020-01-22 23:04 - 000000000 ____D C:\Users\Michal\Downloads\Deepwater Horizon (2016) [1080p] [YTS.AG]
2020-01-29 00:04 - 2020-01-22 22:56 - 000000000 ____D C:\Users\Michal\Downloads\Tomb Raider (2018) [BluRay] [1080p] [YTS.AM]
2020-01-29 00:04 - 2020-01-22 12:55 - 000000000 ____D C:\Users\Michal\Downloads\The Irishman (2019) [WEBRip] [1080p] [YTS.LT]
2020-01-29 00:04 - 2020-01-22 12:30 - 000000000 ____D C:\Users\Michal\Downloads\Shoplifters - Manbiki kazoku [2018 - Japan] crime drama

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by Michal (26-02-2020 22:52:42)
Running from C:\Users\Michal\Desktop
Windows 10 Home Version 1903 18362.657 (X64) (2019-08-17 00:06:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3507090519-2906103732-331209134-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3507090519-2906103732-331209134-503 - Limited - Disabled)
Guest (S-1-5-21-3507090519-2906103732-331209134-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3507090519-2906103732-331209134-1003 - Limited - Enabled)
Mamina (S-1-5-21-3507090519-2906103732-331209134-1004 - Limited - Enabled) => C:\Users\Mamina
Michal (S-1-5-21-3507090519-2906103732-331209134-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-3507090519-2906103732-331209134-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\uTorrent) (Version: 3.5.5.45574 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.1.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.03 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4502 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1114 - Disc Soft Ltd)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{03D15668-8F54-47C0-BFF2-6F966E4DF052}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{A89DE093-1CDB-49D0-A14B-4547C64D507E}) (Version: 2.5.6 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 3.1.55.8776 - Intel(R) Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.72 - McAfee, LLC.)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.21 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21260 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7495 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.39 - REALTEK Semiconductor Corp.)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Skype verze 8.56 (HKLM-x32\...\Skype_is1) (Version: 8.56 - Skype Technologies S.A.)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - http://www.sopcast.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2020-02-06] (Canon Inc.)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-10-16] (Hewlett-Packard Company)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa [2020-02-05] (Apple Inc.) [Startup Task]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-03] (.-McAfee Inc-.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-11] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-10-16] (Hewlett-Packard Company)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3507090519-2906103732-331209134-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-04-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-04-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-03-28 12:31 - 2014-03-28 12:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 12:27 - 2014-03-28 12:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 12:47 - 2014-03-28 12:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-28 12:29 - 2014-03-28 12:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-28 12:32 - 2014-03-28 12:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-10-09 12:54 - 2014-10-09 12:54 - 000541696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-10-09 12:54 - 2014-10-09 12:54 - 000297472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2019-08-17 00:20 - 2019-08-17 00:20 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-03-28 12:48 - 2014-03-28 12:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-28 12:48 - 2014-03-28 12:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Common Files\Autodesk Shared\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3507090519-2906103732-331209134-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CE9CDC9C-B7E6-4D52-8479-2FAA8359075C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{9268194B-A64D-436E-A074-C02C4DA2A629}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{E3AE1C80-54EE-452D-BBC4-7C908A5EB18B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{4713DAB8-1F32-4A96-B888-E96702FB345A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [UDP Query User{112818A7-04F3-4DD0-AB97-AC97658F1246}C:\users\michal\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\michal\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{06C05E7C-8D5B-401A-A7C8-19202B172C5E}C:\users\michal\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\michal\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{23A1D70B-B161-4304-9E79-671421505022}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{5D07D10B-CB1F-46E1-8745-A839AFBB47FE}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [{ED6B7532-A482-41F0-BC1C-E695F797AE45}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DBFEA3F5-A1E1-4738-B8F0-4A3C32827F1C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{53207598-F980-4205-BDD8-AE22456FE3D4}] => (Block) C:\program files (x86)\sopcast\sopcast.exe (http://www.sopcast.com) [File not signed]
FirewallRules: [{1BB0EB0E-2751-4F0A-AC1D-CE789E7B5188}] => (Block) C:\program files (x86)\sopcast\sopcast.exe (http://www.sopcast.com) [File not signed]
FirewallRules: [UDP Query User{5D176640-82F2-4853-89FE-E960D9C911A9}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (http://www.sopcast.com) [File not signed]
FirewallRules: [TCP Query User{9030080E-6BDB-43A1-8A80-CE8FE1BF3A82}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (http://www.sopcast.com) [File not signed]
FirewallRules: [{CCAC49A6-F23F-4795-AF01-51B2730F690F}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{F29196AF-8F55-414F-8672-E6B756F64EAC}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8FA5AED2-2A07-4DA1-A6BC-CC7203A19D76}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{562F4D5C-8CBE-4739-A63C-6FDBF280B199}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{946ED36D-769A-4175-97FD-69C0C8B798B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{0C2FDF37-B3B2-41D4-8303-6E8820629E3A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{71D5C375-1A5E-476C-B1D4-21A7AB30C1D6}C:\users\michal\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\michal\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{C7DF7CA9-302C-47EF-8EB4-62F3801F5130}C:\users\michal\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\michal\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{2B876774-2A9C-40EF-BD17-A2C9A291C8FA}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{6C20FD93-A3E9-4FD3-9B7E-D05ECCFD3E57}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [{60E5623C-564D-4A31-BB52-E4E0F446F047}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48B5CD41-D6A2-4B45-B5B6-0C149C57253E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{28B30761-A50B-4D00-A6CF-48A9B217312B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{492CBB49-878E-44C9-B561-C00ABBC5E639}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7D731767-E6F5-4552-BCF1-E6B2B3AFD78A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{01619250-21E0-4ACD-B783-8E29ACA2776A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{40F1E06A-93B5-49B6-85E0-411862DAA552}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{313C8F10-A461-40C6-838F-1014F2CBA9A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D5745CBF-2C0D-4B3D-8D42-DCB77031C60E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{46EC117C-8842-4C56-A817-50961081CEEC}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{41A509E0-0102-4817-8A56-E57864319CF2}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{F3E73BF9-6685-49CC-A66F-5B98DBCEB548}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [{FEE3422E-3268-41E8-8E0F-3549B130987F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35187A2B-CEAE-44F2-AC08-940219FCC55D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B1F0866-5357-47D8-9191-E29A7412EB5D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-02-2020 11:56:42 Windows Update
13-02-2020 22:59:20 Windows Update
19-02-2020 10:30:13 Instalační služba modulů systému Windows
26-02-2020 18:17:32 Removed Bonjour

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/26/2020 08:14:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (256,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/26/2020 07:06:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10292,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/26/2020 06:16:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8816,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/26/2020 05:50:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11048,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/26/2020 05:41:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/26/2020 04:48:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/26/2020 04:31:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10308,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/26/2020 04:14:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (02/25/2020 02:42:45 AM) (Source: DCOM) (EventID: 10010) (User: RYBA)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2020 11:25:08 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR3.

Error: (02/19/2020 11:09:36 AM) (Source: DCOM) (EventID: 10010) (User: RYBA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App.AppXdca9rykvbm0qn1fw9m2dbx828p2w3h8p.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/19/2020 11:03:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba npf neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/19/2020 11:03:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HuaweiHiSuiteService64.exe neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/18/2020 12:29:45 AM) (Source: DCOM) (EventID: 10000) (User: RYBA)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (02/17/2020 12:26:11 PM) (Source: DCOM) (EventID: 10000) (User: RYBA)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (02/17/2020 12:15:56 PM) (Source: DCOM) (EventID: 10000) (User: RYBA)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


Windows Defender:
===================================
Date: 2020-02-20 12:53:28.784
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2733FAE7-6BC4-41F0-95A6-E616F80F4270}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-28 10:57:05.450
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EFC53D44-7408-4CF3-B8D6-A41FCF9757BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-25 23:21:30.443
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9EBD0933-2E4F-4850-94C1-58EACA3F7163}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-25 23:11:32.672
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {23EE0E14-F2FA-4814-9DE8-39C69F6608B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-25 00:04:26.522
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8FC1F502-AF6D-4A41-BFA6-5063AEA7EA06}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-26 12:45:46.670
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.273.1208.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070645
Popis chyby: Tato akce je platná pouze u produktů, které jsou momentálně nainstalovány.

Date: 2020-02-26 12:45:46.670
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.273.1208.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070645
Popis chyby: Tato akce je platná pouze u produktů, které jsou momentálně nainstalovány.

Date: 2020-02-26 12:45:46.669
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.273.1208.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070645
Popis chyby: Tato akce je platná pouze u produktů, které jsou momentálně nainstalovány.

Date: 2020-02-25 23:44:05.546
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.273.1208.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070645
Popis chyby: Tato akce je platná pouze u produktů, které jsou momentálně nainstalovány.

Date: 2020-02-25 23:44:05.545
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.273.1208.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80070645
Popis chyby: Tato akce je platná pouze u produktů, které jsou momentálně nainstalovány.

CodeIntegrity:
===================================

Date: 2019-08-21 08:29:56.314
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-08-21 08:29:56.300
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-08-20 19:23:02.493
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-08-20 19:23:02.475
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-08-20 19:03:15.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-08-19 17:08:23.902
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 23:15:29.944
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 23:14:16.865
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.12 03/23/2015
Motherboard: Hewlett-Packard 803A
Processor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Percentage of memory in use: 79%
Total physical RAM: 3995.02 MB
Available physical RAM: 820.79 MB
Total Virtual: 9076.63 MB
Available Virtual: 3699.29 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:446.08 GB) (Free:322.66 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:17.7 GB) (Free:2.02 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{128fa337-982c-440f-9c10-c8b8e4c82ab7}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.36 GB) NTFS
\\?\Volume{ee2b1469-60bf-4a22-8bc8-4fef3e25f8bc}\ () (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS
\\?\Volume{914f2196-7e1e-4dd4-b59e-6c2f42e9bb5d}\ () (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt =======================

[JaRon]

ahoj
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {0E66EC4F-4116-4F19-98AC-278F50217183} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0EEB9A1C-DFE5-423D-AECA-082D251DBCF6} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {11E019A3-7FBA-4418-A614-1589C37DC7A2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {14113A54-12C6-4A24-B544-804447AA4256} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1891926E-817F-4D86-B229-3BAE6FB98FFF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {20EBDB21-98CE-4162-8C53-DEDB28D1D0AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5E035BFB-51C2-4ABA-912F-7ADB3D389C32} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5F8DC1EA-9EE2-4AE0-B8A5-0EA9C6CADA2D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {80E183E6-F78D-42EE-92FD-A4A13D4BB897} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8D79EEC8-44D1-449E-8E27-CBFA81E2C47E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8EF5AFB4-6E9D-45BF-8E9C-53C37C48F2A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C80225A4-C0FB-4ADA-AD99-6E09607FD619} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EA46B3AB-EB24-47EF-B856-8FAE9AEDC9EF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FBF04E67-E5F8-484D-B787-20334305590B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {FF2A2907-F23E-43C2-B536-33EFA547B943} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S2 npf; \??\C:\WINDOWS\system32\drivers\npf.sys [X]
2020-02-06 00:19 - 2020-02-06 00:19 - 000000000 ____D C:\ProgramData\IObit




EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[chikoryba]

Tady fixlog.

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by Michal (28-02-2020 00:12:05) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal & Mamina)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {0E66EC4F-4116-4F19-98AC-278F50217183} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0EEB9A1C-DFE5-423D-AECA-082D251DBCF6} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {11E019A3-7FBA-4418-A614-1589C37DC7A2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {14113A54-12C6-4A24-B544-804447AA4256} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1891926E-817F-4D86-B229-3BAE6FB98FFF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {20EBDB21-98CE-4162-8C53-DEDB28D1D0AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5E035BFB-51C2-4ABA-912F-7ADB3D389C32} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5F8DC1EA-9EE2-4AE0-B8A5-0EA9C6CADA2D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {80E183E6-F78D-42EE-92FD-A4A13D4BB897} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {8D79EEC8-44D1-449E-8E27-CBFA81E2C47E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8EF5AFB4-6E9D-45BF-8E9C-53C37C48F2A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C80225A4-C0FB-4ADA-AD99-6E09607FD619} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EA46B3AB-EB24-47EF-B856-8FAE9AEDC9EF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FBF04E67-E5F8-484D-B787-20334305590B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {FF2A2907-F23E-43C2-B536-33EFA547B943} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S2 npf; \??\C:\WINDOWS\system32\drivers\npf.sys [X]
2020-02-06 00:19 - 2020-02-06 00:19 - 000000000 ____D C:\ProgramData\IObit




EmptyTemp:
Reboot:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E66EC4F-4116-4F19-98AC-278F50217183}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E66EC4F-4116-4F19-98AC-278F50217183}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EEB9A1C-DFE5-423D-AECA-082D251DBCF6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EEB9A1C-DFE5-423D-AECA-082D251DBCF6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11E019A3-7FBA-4418-A614-1589C37DC7A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11E019A3-7FBA-4418-A614-1589C37DC7A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14113A54-12C6-4A24-B544-804447AA4256}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14113A54-12C6-4A24-B544-804447AA4256}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1891926E-817F-4D86-B229-3BAE6FB98FFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1891926E-817F-4D86-B229-3BAE6FB98FFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20EBDB21-98CE-4162-8C53-DEDB28D1D0AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20EBDB21-98CE-4162-8C53-DEDB28D1D0AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E035BFB-51C2-4ABA-912F-7ADB3D389C32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E035BFB-51C2-4ABA-912F-7ADB3D389C32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F8DC1EA-9EE2-4AE0-B8A5-0EA9C6CADA2D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F8DC1EA-9EE2-4AE0-B8A5-0EA9C6CADA2D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80E183E6-F78D-42EE-92FD-A4A13D4BB897}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80E183E6-F78D-42EE-92FD-A4A13D4BB897}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D79EEC8-44D1-449E-8E27-CBFA81E2C47E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D79EEC8-44D1-449E-8E27-CBFA81E2C47E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EF5AFB4-6E9D-45BF-8E9C-53C37C48F2A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EF5AFB4-6E9D-45BF-8E9C-53C37C48F2A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C80225A4-C0FB-4ADA-AD99-6E09607FD619}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C80225A4-C0FB-4ADA-AD99-6E09607FD619}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA46B3AB-EB24-47EF-B856-8FAE9AEDC9EF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA46B3AB-EB24-47EF-B856-8FAE9AEDC9EF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBF04E67-E5F8-484D-B787-20334305590B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBF04E67-E5F8-484D-B787-20334305590B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FF2A2907-F23E-43C2-B536-33EFA547B943}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF2A2907-F23E-43C2-B536-33EFA547B943}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => removed successfully
HKLM\System\CurrentControlSet\Services\HuaweiHiSuiteService64.exe => removed successfully
HuaweiHiSuiteService64.exe => service removed successfully
HKLM\System\CurrentControlSet\Services\npf => removed successfully
npf => service removed successfully
C:\ProgramData\IObit => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14796842 B
Java, Flash, Steam htmlcache => 1203 B
Windows/system/drivers => 1787274 B
Edge => 49765 B
Chrome => 401973708 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 17412 B
Michal => 143916115 B
Mamina => 143962769 B

RecycleBin => 0 B
EmptyTemp: => 684 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:13:02 ====

[JaRon]

OK, docisti registre CCleanerom + preventivne prescanuj s ADWCleanerom a hotovo