VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Pomalý NTB Lenovo.

https://forum.viry.cz:443/viewtopic.php?t=156902

Stránka 1 z 1

Pomalý NTB Lenovo.

Napsal: 03 bře 2020 14:02
od Bramby
Zdravím. Chtěl bych poprosit o kontrolu logu. V poslední době se mi extrémě zpomalil ntb. Aplikace se otvírají strašně dlouho, sekají se atd. Předem děkuji. R
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Conexant Systems, Inc.) [File not signed] C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\SwReporter\80.229.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\SwReporter\80.229.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\SwReporter\80.229.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\SwReporter\80.229.200\software_reporter_tool.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8c1fc948b5a01c52\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8c1fc948b5a01c52\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8c1fc948b5a01c52\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8c1fc948b5a01c52\IntelCpHeciSvc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\lenovo\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831768 2016-08-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [22625232 2019-10-11] (eM Client, s.r.o. -> eM Client s.r.o.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.122\Installer\chrmstp.exe [2020-02-25] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D4F1C1C-2CE8-443C-B26C-5ABAFFB1E256} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1787E68D-118F-48D3-AA57-B0F20143E25C} - System32\Tasks\App Explorer => C:\Users\lenovo\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7470248 2020-01-07] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {22CA428B-C034-4683-9766-00CC2A319D67} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {275A584C-F07C-42DB-9E92-36E332BA8DED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {27B931E6-71D6-4C32-8B55-FB4CA5B79BF7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\882c544a-3838-42b3-832a-3b087b3d596d => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {2A7C0ECE-8A16-41F2-8998-8D52CB90A7D8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3732e6d8-3dec-4192-833e-96daf273d46d => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {2BE0178C-ED14-4BFB-BEEB-F705C077E68C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2016-10-07] (CyberLink Corp. -> CyberLink)
Task: {33425D68-DF5C-4BD1-A9CB-38020359F8BA} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {33BCA483-26CC-46A2-95DF-163A652E7B25} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E67B93F-3B42-4CD6-B457-D0BB2E1AB3EB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1448840 2020-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F61BEBF-9507-4B88-A6E6-1EC9EB452A44} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2016-07-14] (CyberLink Corp. -> CyberLink Corp.)
Task: {54AB97AF-F0B7-479B-89AE-4DF9E96AD17F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {55BC935E-EFB1-4702-B4FC-D8D57CFE627D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1353616 2020-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C0C85C6-568C-4C07-9E4C-B2DF1067D574} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B3C9920-0D04-4239-B88F-BA549FC81A17} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => "%windir%\system32\WindowsPowerShell\v1.0\PowerShell.exe" "powershell -executionpolicy bypass -file %ProgramData%\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\data\Maintenance.ps1"
Task: {8D34CA55-0CE7-419D-88D6-18718EC06C32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-12] (Google Inc -> Google Inc.)
Task: {9D485BA4-EB58-43B2-869D-D5502FC22829} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A19FCA02-5EB9-4C05-9087-277895B1F2BC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A31DADED-D0EE-406B-A81C-ACDA3FF40F6C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [347416 2016-09-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {A5DD6156-32E4-4EDD-B7A3-CBB9E6C63D9E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1353616 2020-02-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAD0E179-5AD4-4CB9-B4E1-58F5F7329BD9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {B9E0A73A-CD87-4ECD-BCF8-CF8BA31C8C3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB4EA0CD-248F-4F35-BA88-7A6BAE32C969} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dea9b77d-82aa-4680-883b-bc9d28cb8317 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C86C7CDC-E6A2-4326-8C7F-175723C9C24B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C9548F13-BF21-4B7E-9F61-C3DE047931C0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {DB4D42FE-4752-4CB9-B048-8587E7727C34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-12] (Google Inc -> Google Inc.)
Task: {E0780C2B-E959-42AA-A645-073BC9A6E60B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {EAD42ACE-80F4-427E-B486-FD874D4F1AF1} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [629864 2020-02-21] (Kaspersky Lab -> AO Kaspersky Lab)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{85e412d5-1652-4deb-8c65-a990ccfb7449}: [DhcpNameServer] 212.158.128.3 212.158.128.36
Tcpip\..\Interfaces\{bca026cc-45d0-4794-8c07-24434d784adf}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{f331a896-8f06-48d8-b310-a4d91ca4fa32}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2020-01-16] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\IEExt\ie_plugin.dll [2020-01-16] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2020-01-16] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\IEExt\ie_plugin.dll [2020-01-16] (Kaspersky Lab -> AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir:

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-03-03]
CHR Notifications: Default -> hxxps://www.kontakto.cz; hxxps://www.letgo.cz
CHR Extension: (Prezentace) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-13]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-13]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2019-09-30]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-03-03]
CHR Extension: (Tabulky) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-03]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-11-06]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2019-11-06]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096648 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-04-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-15] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354152 2020-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [431960 2015-09-15] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2019-10-15] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [79120 2016-03-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32328 2017-04-12] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145504 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [586496 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1163216 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998296 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [251256 2019-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [306248 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [119744 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [204520 2019-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2020-01-16] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [427520 2016-11-16] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3150344 2016-10-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376544 2020-03-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-03 13:33 - 2020-03-03 13:36 - 000031002 _____ C:\Users\lenovo\Downloads\FRST.txt
2020-03-03 13:33 - 2020-03-03 13:35 - 000000000 ____D C:\FRST
2020-03-03 13:31 - 2020-03-03 13:31 - 002279424 _____ (Farbar) C:\Users\lenovo\Downloads\FRST64.exe
2020-03-03 13:08 - 2020-03-03 13:08 - 000000017 _____ C:\Users\lenovo\AppData\Local\resmon.resmoncfg
2020-02-25 08:42 - 2020-02-25 08:42 - 000717824 _____ C:\Users\lenovo\Desktop\FORMÁTOVÁNÍ komoda.xls
2020-02-20 08:37 - 2020-02-20 08:37 - 000316334 _____ C:\Users\lenovo\Documents\IMG_20200220_0001.pdf
2020-02-19 13:14 - 2020-02-19 13:14 - 000129169 _____ C:\Users\lenovo\Desktop\Ceník Kastamonu od1.3.2020výroba.pdf
2020-02-19 07:36 - 2020-02-19 07:37 - 000718848 _____ C:\Users\lenovo\Desktop\FORMÁTOVÁNÍ Trojanovi.oprava..xls
2020-02-18 19:01 - 2020-02-18 19:01 - 000138752 _____ C:\Users\lenovo\Desktop\Objednávka pro řezání Košler..xls
2020-02-18 18:43 - 2020-02-18 18:43 - 000139264 _____ C:\Users\lenovo\Desktop\Objednávka pro řezání Trojanovi..xls
2020-02-18 18:30 - 2020-02-18 18:30 - 000719360 _____ C:\Users\lenovo\Desktop\FORMÁTOVÁNÍ Trojanovi..xls
2020-02-14 11:02 - 2020-02-14 11:02 - 000862835 _____ C:\Users\lenovo\Documents\IMG_20200214_0009.pdf
2020-02-14 11:02 - 2020-02-14 11:02 - 000516493 _____ C:\Users\lenovo\Documents\IMG_20200214_0008.pdf
2020-02-14 11:01 - 2020-02-14 11:01 - 000436408 _____ C:\Users\lenovo\Documents\IMG_20200214_0007.pdf
2020-02-14 11:01 - 2020-02-14 11:01 - 000213562 _____ C:\Users\lenovo\Documents\IMG_20200214_0006.pdf
2020-02-14 11:00 - 2020-02-14 11:00 - 000918354 _____ C:\Users\lenovo\Documents\IMG_20200214_0005.pdf
2020-02-14 10:59 - 2020-02-14 10:59 - 000459312 _____ C:\Users\lenovo\Documents\IMG_20200214_0004.pdf
2020-02-14 08:33 - 2020-02-14 08:33 - 000241082 _____ C:\Users\lenovo\Documents\IMG_20200214_0003.pdf
2020-02-14 08:30 - 2020-02-14 08:30 - 000003192 _____ C:\WINDOWS\system32\Tasks\kpm_tray.exe
2020-02-14 08:30 - 2020-02-14 08:30 - 000001310 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2020-02-14 08:30 - 2020-02-14 08:30 - 000000000 ____D C:\Users\lenovo\AppData\Local\Kaspersky Lab
2020-02-14 08:30 - 2020-02-14 08:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2020-02-13 20:03 - 2020-02-03 21:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-13 20:03 - 2020-02-03 21:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-13 19:58 - 2020-02-13 19:58 - 000000000 ____D C:\ProgramData\ssh
2020-02-13 18:36 - 2020-02-13 18:36 - 000156113 _____ C:\Users\lenovo\Documents\IMG_20200213_0001.pdf
2020-02-13 17:44 - 2020-02-13 17:44 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 019813376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 018026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 006284800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 005912064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 004348616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 003484672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-02-13 17:44 - 2020-02-13 17:44 - 002493720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 002314952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 001489064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-13 17:44 - 2020-02-13 17:44 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-13 17:44 - 2020-02-13 17:44 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-13 17:44 - 2020-02-13 17:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-02-13 17:44 - 2020-02-13 17:44 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-02-13 17:43 - 2020-02-13 17:44 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 009929016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 006519752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 004856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 004575232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 004562896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 003967888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 003792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 003372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002988552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 002773776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002766088 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-02-13 17:43 - 2020-02-13 17:43 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002260176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002225160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002084576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 002032128 _____ C:\WINDOWS\system32\rdpnano.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001858560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001693184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001664680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001283592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-13 17:43 - 2020-02-13 17:43 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001218120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000928120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000875448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-13 17:43 - 2020-02-13 17:43 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-13 17:43 - 2020-02-13 17:43 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-02-13 17:43 - 2020-02-13 17:43 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-13 17:43 - 2020-02-13 17:43 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000106808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-02-13 17:43 - 2020-02-13 17:43 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000042512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-02-13 17:43 - 2020-02-13 17:43 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-02-13 17:43 - 2020-02-13 17:43 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-02-13 17:43 - 2020-02-13 17:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-13 17:42 - 2020-02-13 17:43 - 003550208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 007905208 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 006167552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 004615376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-13 17:42 - 2020-02-13 17:42 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-13 17:42 - 2020-02-13 17:42 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000459896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000128528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-02-13 17:42 - 2020-02-13 17:42 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-02-13 17:42 - 2020-02-13 17:42 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-02-13 17:42 - 2020-02-13 17:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-02-13 17:16 - 2020-01-16 06:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-02-13 17:16 - 2020-01-16 05:23 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-02-10 15:55 - 2020-02-10 15:55 - 001562537 _____ C:\Users\lenovo\Documents\IMG_20200210_0001.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-03 13:33 - 2017-06-23 07:24 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\eM Client
2020-03-03 13:31 - 2017-06-10 09:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-03-03 13:20 - 2019-10-15 09:06 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-03 13:20 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-03 13:20 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-03 13:20 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-03 13:19 - 2018-06-18 13:42 - 000000000 ____D C:\Users\lenovo\AppData\Local\Host App Service
2020-03-03 13:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-03 13:14 - 2017-06-11 01:05 - 000000000 __SHD C:\Users\lenovo\IntelGraphicsProfiles
2020-03-03 13:12 - 2019-10-15 09:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-03 13:12 - 2017-12-28 12:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-03 13:11 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-03-03 13:09 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-03 13:09 - 2018-06-19 07:45 - 000000000 ____D C:\Users\lenovo\AppData\Local\D3DSCache
2020-03-03 13:09 - 2018-05-15 08:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-03 12:58 - 2019-10-15 08:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-02 11:37 - 2019-10-15 09:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-03-02 08:25 - 2017-06-13 08:10 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-02-27 17:02 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-27 17:02 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-25 17:07 - 2017-12-14 09:45 - 000000000 ____D C:\Users\lenovo\AppData\Local\Packages
2020-02-25 08:36 - 2017-06-12 16:33 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-25 08:36 - 2017-06-12 16:33 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-25 08:25 - 2017-03-10 11:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-02-21 09:31 - 2019-10-15 09:14 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2987764013-1811657783-4270173989-1001
2020-02-21 09:31 - 2019-10-15 08:54 - 000002375 _____ C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-21 09:31 - 2017-06-10 09:10 - 000000000 ___RD C:\Users\lenovo\OneDrive
2020-02-14 08:30 - 2017-06-10 09:34 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2020-02-13 20:04 - 2017-12-14 10:05 - 000000000 ___RD C:\Users\lenovo\3D Objects
2020-02-13 20:04 - 2016-07-29 18:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-13 20:02 - 2019-10-15 08:44 - 000638160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-13 19:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-13 19:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-02-13 17:56 - 2017-06-13 11:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-13 17:52 - 2017-06-13 11:01 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-10 16:13 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-02-10 16:11 - 2019-03-19 02:01 - 000079768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
2020-02-10 16:11 - 2018-06-18 13:03 - 000998296 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2020-02-10 16:11 - 2017-12-24 11:38 - 000145504 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2020-02-05 11:24 - 2019-10-15 09:14 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 11:24 - 2019-10-15 09:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2020-03-03 13:08 - 2020-03-03 13:08 - 000000017 _____ () C:\Users\lenovo\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 16:04
od Rudy
Zdravím!
Přidejte ještě log Addition i s hlavičkou logu. Pro nás je důležitá. Najdete ho ve stejném adresáři, jako FRST v souboru addition.txt

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 16:55
od Bramby
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020
Ran by lenovo (administrator) on LAPTOP-NL9RU6CL (LENOVO 80SM) (03-03-2020 13:33:50)
Running from C:\Users\lenovo\Downloads
Loaded Profiles: lenovo (Available Profiles: defaultuser0 & lenovo)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 17:06
od Rudy
Bramby píše:Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020
Ran by lenovo (administrator) on LAPTOP-NL9RU6CL (LENOVO 80SM) (03-03-2020 13:33:50)
Running from C:\Users\lenovo\Downloads
Loaded Profiles: lenovo (Available Profiles: defaultuser0 & lenovo)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Toto není celý log, jen hlavička. Log Addition vypadá nějak takto: https://forum.viry.cz/viewtopic.php?f=1 ... 0#p1530049 .

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 17:42
od Bramby
Omlouvám se. Špatně jsem to pochopil. Tak teď už snad.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by lenovo (03-03-2020 13:38:30)
Running from C:\Users\lenovo\Downloads
Windows 10 Home Version 1903 18362.657 (X64) (2019-10-15 08:16:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2987764013-1811657783-4270173989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2987764013-1811657783-4270173989-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2987764013-1811657783-4270173989-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2987764013-1811657783-4270173989-501 - Limited - Disabled)
lenovo (S-1-5-21-2987764013-1811657783-4270173989-1001 - Administrator - Enabled) => C:\Users\lenovo
WDAGUtilityAccount (S-1-5-21-2987764013-1811657783-4270173989-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.5.14 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MX470 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX470_series) (Version: 1.01 - Canon Inc.)
Canon MX470 series On-screen Manual (HKLM-x32\...\Canon MX470 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Nástroj pro rychlou volbu (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.273.0 - Conexant Systems)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.6714 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{82C288CC-A96D-43E3-9119-944DABF5DD61}) (Version: 0.8.0.74 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
eM Client (HKLM-x32\...\{1450D779-8650-468B-9136-CA836C0A744C}) (Version: 7.2.36908.0 - eM Client Inc.)
eTRADER MetaTrader 5 (HKLM\...\eTRADER MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Lenovo App Explorer (HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\...\Host App Service) (Version: 0.273.3.730 - SweetLabs for Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
LibreOffice 6.2.7.1 (HKLM\...\{4DEFF29A-B682-4B51-B1DD-F040F1618B26}) (Version: 6.2.7.1 - The Document Foundation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.12430.20288 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12430.20288 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Polar FlowSync verze 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Registrace uživatele zařízení Canon MX470 series (HKLM-x32\...\Registrace uživatele zařízení Canon MX470 series) (Version: - ‭Canon Inc.)
STORMWARE POHODA CZ Jazz (HKLM-x32\...\{97D5878D-AEA1-4F9D-86A9-3D860435D2F6}) (Version: 11700.156 - STORMWARE)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-11] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-23] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.8.1.3_x86__h6adky7gbf63m [2020-02-13] (Gameloft.)
Hex Editor Pro -> C:\Program Files\WindowsApps\AFF540DC.HexEditorPro_1.0.7.16_neutral__v7353qx4kg3sa [2019-02-15] (Jujuba Software)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-28] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2001.12.0_x64__k1h2ywk1493x8 [2020-02-27] (LENOVO INC.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.6.1.1_x86__h6adky7gbf63m [2020-02-21] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-10-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-07] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Prezentace -> C:\Program Files\WindowsApps\4953SharewareSavant.PresentationPros_1.1.0.0_x86__kv19hzp40spmg [2017-12-28] (Shareware Savant)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_5.4.0.0_x86__g0q0z3kw54rap [2020-01-20] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-06-12] (LENOVO INCORPORATED.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2017-10-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8c1fc948b5a01c52\igfxDTCM.dll [2019-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-19] (Kaspersky Lab -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-12-10 09:13 - 2019-05-28 14:06 - 001021440 _____ () [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2019-10-15 09:28 - 2016-07-14 08:58 - 001155072 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2019-11-29 08:53 - 2019-10-27 05:36 - 001261568 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-06-18 08:40 - 2018-06-18 08:46 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{36516617-46E7-4A74-9F38-0CF0AA22FC3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3CB71B2A-A720-4248-A469-137C21814678}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CB167D99-BB54-4013-B003-D46870AFE1D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D4349B9F-F36E-417F-AC19-14AEEFED5686}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D859F64C-B7DA-4702-B7E8-E02B6AD4CB73}] => (Allow) LPort=5354
FirewallRules: [{A8B5A69B-FF45-4926-9B57-1F52AFF5CFB1}] => (Allow) LPort=5354
FirewallRules: [{64ED054B-A27F-44F3-AA3D-A9BDA5E33BCB}] => (Allow) LPort=5354
FirewallRules: [{F3B2F08A-C5EA-4235-83F5-EF0969895C9B}] => (Allow) LPort=5354
FirewallRules: [{B2607BED-14A6-4053-9146-D0624ACA9AC2}] => (Allow) C:\Program Files\eTRADER MetaTrader 5\metatester64.exe (MetaQuotes Software Corp. -> MetaQuotes Software Corp.)
FirewallRules: [{D5F706C6-8501-4A5D-81AB-04ED32DFA578}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F0DAF21-F9FD-4BFC-8F0D-CC0588F3C935}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{26DA6270-E2A2-4422-B43A-EDAE1C110118}] => (Allow) LPort=5354
FirewallRules: [{11DDBF96-6B26-4E2F-BCFA-E3CBD466D2C2}] => (Allow) LPort=5354
FirewallRules: [{FF14B752-218B-43F6-9AE0-D41F89D0ED6D}] => (Allow) LPort=5354
FirewallRules: [{E2E05A42-5048-49CE-87E3-E7420D886B67}] => (Allow) LPort=5354
FirewallRules: [{A136FC6A-7411-4B8E-BB67-3DE78B2A9DDE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{74EA5CA0-9661-4A3A-B48B-A8AF410A1858}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe No File
FirewallRules: [{BF55867D-0C69-4191-A289-97BD23EB629F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe No File
FirewallRules: [{44C845AD-5DD1-4B21-AF10-6067F4803F2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{981732FA-FC07-4B6D-94BB-9290E965FC2C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5D7E4C4C-9192-48D3-8483-FA65ED128D15}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{7BC1F25F-E1EF-47C7-8AA5-7D88FA4FC2D7}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DB51392E-D039-4F74-A42C-C51EBCFC2456}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{32035CCF-B821-467F-B665-8921998000B6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{46CD5D87-5DD6-42C9-9129-26129B46BBAA}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F7B75800-EBA7-43E5-8AF7-102651C792C9}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{D57E9474-C46D-4DE1-83ED-49D739984F3E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D0E8CE9-2D78-4255-982F-E3D332E25457}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-02-2020 17:14:58 Windows Update
21-02-2020 16:02:25 Naplánovaný kontrolní bod
02-03-2020 12:13:28 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2020 01:34:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5752,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/03/2020 01:11:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/03/2020 01:11:01 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/03/2020 01:11:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/03/2020 01:11:01 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/03/2020 12:34:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8072,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/03/2020 12:25:29 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/03/2020 12:18:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WindowsInternal.ComposableShell.Experiences.TextInput.InputApp. verze 10.0.18362.329 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 30fc

Čas spuštění: 01d5e31cf02ca9a4

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe

ID hlášení: 4f315865-0c77-4b51-a276-517a6f269683

Úplný název balíčku s chybou: InputApp_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce


System errors:
=============
Error: (03/03/2020 01:14:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/03/2020 01:14:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (03/03/2020 01:13:53 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba Conexant SmartAudio service ohlásila neplatný současný stav 14.

Error: (03/03/2020 12:34:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NL9RU6CL)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/03/2020 12:34:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NL9RU6CL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/03/2020 12:34:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NL9RU6CL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/03/2020 12:34:31 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NL9RU6CL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/03/2020 12:34:30 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NL9RU6CL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-11-14 08:32:20.485
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FE17BD7F-9491-4E0E-9709-F561554851DC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-11-12 12:25:03.916
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe možnost upravit %userprofile%\Documents\.
Čas detekce: 2019-11-12T11:25:03.915Z
Uživatel: LAPTOP-NL9RU6CL\lenovo
Cesta: %userprofile%\Documents\
Název procesu: C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe
Verze bezpečnostních informací: 1.305.1910.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4

Date: 2019-11-12 12:24:05.342
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe možnost upravit %userprofile%\Documents\.
Čas detekce: 2019-11-12T11:24:05.341Z
Uživatel: LAPTOP-NL9RU6CL\lenovo
Cesta: %userprofile%\Documents\
Název procesu: C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe
Verze bezpečnostních informací: 1.305.1910.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4

Date: 2019-11-12 12:16:23.750
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\lenovo\AppData\Local\Temp\win-mx470-1_1-mcd\win\DL_FOLDER\QUICK_DL\QUICK_DL\qm__-win-2_8_5-ea31_2\Setup.exe možnost upravit %common_desktop%\.
Čas detekce: 2019-11-12T11:16:23.749Z
Uživatel: LAPTOP-NL9RU6CL\lenovo
Cesta: %common_desktop%\
Název procesu: C:\Users\lenovo\AppData\Local\Temp\win-mx470-1_1-mcd\win\DL_FOLDER\QUICK_DL\QUICK_DL\qm__-win-2_8_5-ea31_2\Setup.exe
Verze bezpečnostních informací: 1.305.1910.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4

Date: 2019-11-12 12:16:08.386
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Canon\Quick Menu\uninst.exe možnost upravit %common_desktop%\.
Čas detekce: 2019-11-12T11:16:08.384Z
Uživatel: LAPTOP-NL9RU6CL\lenovo
Cesta: %common_desktop%\
Název procesu: C:\Program Files (x86)\Canon\Quick Menu\uninst.exe
Verze bezpečnostních informací: 1.305.1910.0
Verze modulu: 1.1.16500.1
Verze produktu: 4.18.1910.4

Date: 2020-03-02 08:40:20.510
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.383.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-03-02 08:40:20.509
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.383.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-03-02 08:40:20.509
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.383.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-01-06 16:30:51.050
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.1823.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-12-19 08:06:14.718
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.741.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-03-03 13:17:49.803
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-03-03 13:16:25.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-03-03 13:16:25.734
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-03-03 13:10:24.771
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-03-03 13:10:22.733
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-03-03 13:10:20.702
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-03-03 13:10:18.669
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-03-03 13:10:09.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 0XCN39WW 01/10/2017
Motherboard: LENOVO Toronto 5A2
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 79%
Total physical RAM: 4001.91 MB
Available physical RAM: 821.89 MB
Total Virtual: 7329.91 MB
Available Virtual: 3558.1 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:885.63 GB) (Free:826.76 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.74 GB) NTFS

\\?\Volume{2cb5aa8f-537a-4e3e-a131-dc909062a254}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{afb5df3f-347d-4942-9204-e22177d7d74a}\ (LENOVO_PART) (Fixed) (Total:18.66 GB) (Free:7.29 GB) NTFS
\\?\Volume{7f43af30-0aad-473f-9631-3b4b6b8c9679}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27D154C1)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 17:53
od Rudy
Teď je to OK. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 18:08
od Bramby
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-02-2020
# Database: 2020-03-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-03-2020
# Duration: 00:00:22
# OS: Windows 10 Home
# Scanned: 31902
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [5411 octets] - [03/03/2020 15:59:31]
AdwCleaner[S01].txt - [5472 octets] - [03/03/2020 16:04:09]
AdwCleaner[C01].txt - [5593 octets] - [03/03/2020 16:07:23]
AdwCleaner[S02].txt - [1589 octets] - [03/03/2020 18:04:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 18:13
od Bramby
Já to MB projel ještě než jsem vám psal, ale moc se to nezlepšilo. Tady je ten první log.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-02-2020
# Database: 2020-03-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-03-2020
# Duration: 00:00:22
# OS: Windows 10 Home
# Scanned: 31902
# Detected: 36


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\ProgramData\Host App Service
Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\defaultuser0\AppData\Local\Host App Service
Adware.pokki C:\Users\lenovo\AppData\Local\Host App Service
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service

***** [ Files ] *****

Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.pokki C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Adware.pokki HKCU\Software\App Host Service
Adware.pokki HKCU\Software\Host App Service
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1787E68D-118F-48D3-AA57-B0F20143E25C}
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.solvusoft.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.solvusoft.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Preinstalled.LenovoCCSDK Folder C:\ProgramData\LENOVO\CCSDK
Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\lenovo\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A31DADED-D0EE-406B-A81C-ACDA3FF40F6C}
Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLVDLauncher
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Task C:\Windows\System32\Tasks\CLVDLAUNCHER
Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility


AdwCleaner[S00].txt - [5411 octets] - [03/03/2020 15:59:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 19:04
od Rudy
OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{74EA5CA0-9661-4A3A-B48B-A8AF410A1858}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe No File
FirewallRules: [{5D7E4C4C-9192-48D3-8483-FA65ED128D15}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{7BC1F25F-E1EF-47C7-8AA5-7D88FA4FC2D7}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DB51392E-D039-4F74-A42C-C51EBCFC2456}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{32035CCF-B821-467F-B665-8921998000B6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{46CD5D87-5DD6-42C9-9129-26129B46BBAA}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F7B75800-EBA7-43E5-8AF7-102651C792C9}] => (Allow) %systemroot%\system32\alg.exe No File
Task: {54AB97AF-F0B7-479B-89AE-4DF9E96AD17F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8D34CA55-0CE7-419D-88D6-18718EC06C32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-12] (Google Inc -> Google Inc.)
Task: {DB4D42FE-4752-4CB9-B048-8587E7727C34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-12] (Google Inc -> Google Inc.)
HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Uložte do C:\Users\lenovo\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 19:23
od Bramby
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by lenovo (03-03-2020 19:11:14) Run:1
Running from C:\Users\lenovo\Downloads
Loaded Profiles: lenovo (Available Profiles: defaultuser0 & lenovo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{74EA5CA0-9661-4A3A-B48B-A8AF410A1858}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe No File
FirewallRules: [{5D7E4C4C-9192-48D3-8483-FA65ED128D15}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{7BC1F25F-E1EF-47C7-8AA5-7D88FA4FC2D7}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DB51392E-D039-4F74-A42C-C51EBCFC2456}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{32035CCF-B821-467F-B665-8921998000B6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{46CD5D87-5DD6-42C9-9129-26129B46BBAA}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F7B75800-EBA7-43E5-8AF7-102651C792C9}] => (Allow) %systemroot%\system32\alg.exe No File
Task: {54AB97AF-F0B7-479B-89AE-4DF9E96AD17F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8D34CA55-0CE7-419D-88D6-18718EC06C32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-12] (Google Inc -> Google Inc.)
Task: {DB4D42FE-4752-4CB9-B048-8587E7727C34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-12] (Google Inc -> Google Inc.)
HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74EA5CA0-9661-4A3A-B48B-A8AF410A1858}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D7E4C4C-9192-48D3-8483-FA65ED128D15}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BC1F25F-E1EF-47C7-8AA5-7D88FA4FC2D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB51392E-D039-4F74-A42C-C51EBCFC2456}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32035CCF-B821-467F-B665-8921998000B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46CD5D87-5DD6-42C9-9129-26129B46BBAA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7B75800-EBA7-43E5-8AF7-102651C792C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54AB97AF-F0B7-479B-89AE-4DF9E96AD17F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54AB97AF-F0B7-479B-89AE-4DF9E96AD17F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D34CA55-0CE7-419D-88D6-18718EC06C32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D34CA55-0CE7-419D-88D6-18718EC06C32}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB4D42FE-4752-4CB9-B048-8587E7727C34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB4D42FE-4752-4CB9-B048-8587E7727C34}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKU\S-1-5-21-2987764013-1811657783-4270173989-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28531346 B
Java, Flash, Steam htmlcache => 1183 B
Windows/system/drivers => 9050431 B
Edge => 5071642 B
Chrome => 512445210 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 57050 B
NetworkService => 12279632 B
defaultuser0 => 12279632 B
lenovo => 689948438 B

RecycleBin => 95777771 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:14:21 ====

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 19:57
od Rudy
Smazáno. Nastala nějaká změna?

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 20:04
od Bramby
Díky moc. Vypadá to, že to docela kmitá. Ještě jednou díky.

Re: Pomalý NTB Lenovo.

Napsal: 03 bře 2020 20:49
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz