VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Samovolné zpětování v programech i prohlížečí

https://forum.viry.cz:443/viewtopic.php?t=157561

Stránka 1 z 2

Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 16:08
od Ivetaru
logy.zip
(31.43 KiB) Staženo 58 x
Prosím podíváte se mi někdo na log, dochází mi k samovolnému zpětování tedy vracení se na předchozí stránky v prohlížeči, nebo v programech přepínání zpět do jiných složek, či jiné přepínání. Antivirus mi nic nenašel, již si nevím rady:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2020
Ran by Iveta (administrator) on IVETA-RUMLEROVA (LENOVO 3259MCG) (09-11-2020 16:00:47)
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta
Platform: Windows 10 Home Version 1903 18362.1139 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagPriv.exe
(Western Digital Techologies -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe [9182176 2020-01-10] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.) [File not signed]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-31] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2018-06-01] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2019-01-02] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Screenshot Captor] => C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe [6852376 2012-07-06] (DONATIONCODER.COM LLC -> DonationCoder) [File not signed]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Iveta\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Iveta\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Iveta\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIR6E.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir14400_1215716017\old_msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge: (the data entry has 138 more characters). <==== ATTENTION
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\MountPoints2: {22986a71-0f7b-11e9-bf30-b888e3de6c61} - "E:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON L7160 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBR6E.DLL [182784 2016-08-02] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-03] (Google LLC -> Google LLC)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2020-11-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TickTick.lnk [2018-07-17]
ShortcutTarget: TickTick.lnk -> C:\Program Files (x86)\TickTick\TickTick.exe (Appest.com) [File not signed]
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D3A8E8-B8E4-426D-AF0C-7247011CEADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {083A6183-4AEF-40C6-8424-1484BF42890F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {08525A1C-9DA5-4DDB-A449-08F8A713D8E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {119E7BA2-556A-489D-8CFF-C5C3CCC18174} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {14A94EC1-FC51-4C29-8BCB-A639C35C869C} - \Optimize Start Menu Cache Files-S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {161E9434-7FA6-46E6-BB6D-49D73732FB68} - System32\Tasks\WD Device Agent Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720624 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {16227D00-6CAF-48F0-89BC-AC89CBF34B22} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {19CD006D-BE44-4D72-9670-7D686C672872} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [113024 2019-11-12] (Lenovo -> Lenovo)
Task: {1C7267CE-9ECE-4F18-A1E9-D370A3AD8CC6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {24C9634F-1033-4204-B624-9EAEDEAE9E70} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24D6D92E-6D31-4FB9-A22D-CFC0F57F6C97} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {26D35485-0B85-4CEB-841A-717C15C52980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2ACB2618-F1F4-4993-9DC0-836F663313E9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {2DC00A47-E966-42FD-ADE1-B1CCD61F4C2D} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {2EB752B6-070A-4B9C-B38C-59EA2B90293E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {2EFF15EB-8868-4C5D-97AA-3141DABD16CD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40335F53-DAC0-42E3-8C61-F08C76150D44} - \WPD\SqmUpload_S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {41EB1A5B-C29A-47AC-B28A-654DD9754588} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {42B9CC78-B5D6-4587-8196-534B49454008} - System32\Tasks\Trigger KMS Activation => C:\KMSnano Final\TriggerKMS.exe [54784 2013-02-10] () [File not signed]
Task: {43156E03-5FCD-4416-84F8-12CA7F6C9759} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {4361DC2E-D5C8-4400-892F-831A101B1A24} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f45e0707-3310-4006-98d0-0f0f2dbb9d36 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {43DC4658-8D72-4A73-B798-8F4558D7884B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {4669933A-F9EE-4175-B560-75F0897C4408} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {551019E6-E1B8-4A2A-9686-03AA7D22880A} - System32\Tasks\WD Discovery Service Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-11-29] (Western Digital Technologies, Inc. -> )
Task: {5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {5DE81771-97DA-472A-8DF7-141FEC6403D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [667856 2020-10-31] (Mozilla Corporation -> Mozilla Foundation)
Task: {5E0F430B-E8A6-40D0-9A08-CCAAF20079E3} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {66C03512-B15B-4AB4-92DF-691F9F588F51} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6C6BF952-D309-4CD6-BC20-6C2C37EFAEBF} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [59776 2019-11-12] (Lenovo -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {72BB16F4-124F-4EB2-BD74-5C1AF90651D6} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7B1CCD6F-1080-456E-905A-D4D7723BB571} - System32\Tasks\CupblueUpdateTaskMachineUA => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {7D347C14-1456-4C7E-AB13-53AC61C880F1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7F53DAB5-ECBC-4AC6-A46D-30B21FF0D547} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\71a64da2-7887-4731-9650-4b8554bf0dbd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8204FCCD-D668-468D-AA4C-AC654161D2D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {844FB30C-9FAB-480E-80F6-D0F47D6EF0DC} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8800B2C7-D6FA-4467-AB97-A87E0E25BAF6} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {8B53BF56-A87E-4E69-97EB-45297D6C4977} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {90752D23-4494-4B13-B03C-F7D66BC310BE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4222560 2016-10-03] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {92B63E48-2F65-4A9C-AF8D-4F164859C499} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {9D35156C-3DBC-42F0-A311-483A4E00CD7D} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {9da5907f-f37b-4640-8ddb-881a43c9fe96} - no filepath
Task: {9F55A2EA-005F-4B7A-AA4D-F07A58B9D858} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {A59828F6-B3A5-4F62-9BE9-0DB9C109A85F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {ABEC7406-4233-49E9-A85A-076F0A7CD37F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AFB67115-937F-4473-BDD1-90F4081C1023} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B09A0183-8627-4209-8F91-D59A81543214} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B16D4493-D4BC-42AC-B681-251F389E1010} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html? ... LIBNKJHIKJ"
Task: {B47C4E46-1133-4552-BAAE-E63DFE3AF896} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1146776 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA69755F-8E4F-4A2B-A993-18DED861A758} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BDC865D7-1F68-408D-8BE0-01380142CFF7} - \AdobeAAMUpdater-1.0-Iveta-Rumlerova-Iveta -> No File <==== ATTENTION
Task: {C1E03E35-9879-4363-8CC1-65FDA98A9157} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4b4a5af-bf93-4406-8548-afc50aa009e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C6019B92-B7E9-49C4-9223-64A2471604FC} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D2B41DE8-4B69-402D-A8E5-B51C9945F6D9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D5F5EB11-CAA8-404C-8885-9320688D9345} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D8583876-74B2-48D9-B59F-4B6E2807AEFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D9335A1C-9788-4545-9A3A-118112B149C5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DE21874B-7B4A-4B6F-B6A4-0DAA6F70C257} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E30B9646-1B3F-4582-AAA4-328F4D815466} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {E396BF4A-BF40-49B0-8663-6E5A5677A19A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E5BB7FDE-ACA9-4FDB-81F3-0E48B8364F43} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E862A9B2-D32D-4119-83EB-0F83CF3B1557} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {ECF42CF1-5CA0-4836-BBF3-151FFB249565} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {EE7BCEAE-FEB7-4F10-9407-C25419ED6820} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {F31C70BB-659C-4D49-A534-1E3750CD9A82} - System32\Tasks\CupblueUpdateTaskMachineCore => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {F320E204-F550-4A83-A789-04EF25859F5E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FAA70618-3AB5-4C6A-BB05-263D1AC2261D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\ Update {700DF5E8-67F4-4B85-AC32-AC27A47931C4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR6E.EXE:/EXE:{700DF5E8-67F4-4B85-AC32-AC27A47931C4} /F:UpdateWORKGROUP\IVETA-RUMLEROVA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{1cdf01bc-e833-4f90-ba21-62c47bfafa1d}: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{6085ce70-8b05-4516-ba0b-8a96c4ff09e3}: [DhcpNameServer] 188.75.188.188 8.8.4.4

Edge:
======
DownloadDir: C:\Users\Iveta\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> hxxp://www.attirerpage.com/?type=hp&ts=1466062 ... D_W7716KR9
Edge Profile: C:\Users\Iveta\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-08]
Edge HomePage: Default -> hxxp://www.attirerpage.com/?type=hp&ts=1466062 ... D_W7716KR9
Edge StartupUrls: Default -> "hxxp://google.com/"

FireFox:
========
FF DefaultProfile: 5cqym3x0.default
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\014vkure.default-release [2020-08-04]
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default [2020-11-05]
FF Notifications: Mozilla\Firefox\Profiles\5cqym3x0.default -> hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\5cqym3x0.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-07]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-10-31]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-920122311-1960361517-2308721413-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2020-11-09] <==== ATTENTION
CHR Notifications: ChromeDefaultData -> hxxps://modrokamennabouda.cz; hxxps://www.arttec.cz; hxxps://www.facebook.com
CHR HomePage: ChromeDefaultData -> hxxp://lenovo13-comm.msn.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nuesearch.com/?type=hp&ts=146676335 ... D_W7716KR9"
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Insert Text) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\abmgjcmmphkhndoahbfanhbgeekconmm [2018-09-10]
CHR Extension: (Norton Password Manager) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\admmjipmmciaobhojoghlmleefbicajg [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Flash Player) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-08]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-11-09]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-18]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-10-10]
CHR Extension: (Norton Safe Web) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2020-11-02]
CHR Extension: (Google Analytics URL Builder) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gaidpiakchgkapdgbnoglpnbccdepnpk [2020-06-08]
CHR Extension: (CircleCount.com) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gfehmiknpngmjkhiieampgfppicbncid [2016-09-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-23]
CHR Extension: (Full Page Screenshot) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\glgomjpomoahpeekneidkinhcfjnnhmb [2018-03-15]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-05]
CHR Extension: (LinkedIn Sales Navigator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2019-03-21]
CHR Extension: (Projektový management Gantter) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\himomacamcpodhkahelbnmaddladgjgo [2019-09-12]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2016-05-31]
CHR Extension: (Norton Identity Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-02-04]
CHR Extension: (FormApps Extension) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Google Analytics Debugger) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jnkmfdileelhofjcijamephohjechhna [2019-08-02]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-10-19]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2020-11-02]
CHR Extension: (Loom for Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2020-10-23]
CHR Extension: (Norton Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2020-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Colour Extractor) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nndpibfappjacgbninhabcokfkdpnmpe [2016-06-20]
CHR Extension: (Image Color Picker - Pick your color online) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ocamglfcdanjnilooepglpjfmjabcgii [2016-06-20]
CHR Extension: (Collabim) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oinjknlpcckmnnjpodcifmifeghabelo [2016-06-20]
CHR Extension: (Palette Creator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2019-07-03]
CHR Extension: (Social Analytics) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pgckigmaefoaemjpijdepakcghjkggmg [2016-12-27]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-19]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
CHR HomePage: Default -> hxxp://www.ir-webdesign.com/
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-06-18]
CHR Extension: (Prezentace) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-18]
CHR Extension: (Kancelář) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahfpbkogcgkoecgolaojpcijkabngljl [2015-05-04]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-18]
CHR Extension: (Lucidchart Diagrams) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2020-06-18]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-06-18]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-04-08]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (chrometheme) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcjefhelakcgphlgkfebcahbpdbhdpo [2015-05-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-06-18]
CHR Extension: (Tabulky Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2020-06-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Gantter for Google Drive) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2015-05-04]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2015-08-24]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-06-18]
CHR Extension: (Notifications for Instagram) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2020-06-18]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-08]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cupblue\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo -> Lenovo)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-15] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (LENOVO -> Lenovo Group Limited)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 NortonSecurity; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [524632 2018-03-26] (Western Digital Techologies -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\BASHDefs\20201103.005\BHDrvx64.sys [1991536 2020-11-03] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET, spol. s r.o. -> ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-07-29] (Symantec Corporation -> Broadcom)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET, spol. s r.o. -> ESET)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-08-03] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\IPSDefs\20201106.061\IDSvia64.sys [1478496 2020-09-17] (Symantec Corporation -> Broadcom)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-28] (Malwarebytes Corporation -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 RCUVCAVS; C:\WINDOWS\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-05] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\SymPlatform\SymEvnt.sys [712368 2020-01-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 15:18 - 2020-11-09 15:54 - 000071105 _____ C:\Users\Iveta\Desktop\Addition.txt
2020-11-09 15:12 - 2020-11-09 16:03 - 000053017 _____ C:\Users\Iveta\Desktop\FRST.txt
2020-11-09 15:10 - 2020-11-09 16:02 - 000000000 ____D C:\FRST
2020-11-09 14:58 - 2020-11-09 14:58 - 002298368 _____ (Farbar) C:\Users\Iveta\Desktop\FRST64.exe
2020-11-09 08:03 - 2020-11-09 08:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-11-04 12:55 - 2020-11-04 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-11-04 12:55 - 2020-11-04 12:54 - 000069264 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Java
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Common Files\Oracle
2020-11-04 12:52 - 2020-11-04 12:53 - 167452312 _____ (Oracle Corporation) C:\Users\Iveta\Downloads\jdk-15.0.1_windows-x64_bin.exe
2020-11-04 12:47 - 2020-11-04 12:47 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Oracle
2020-11-03 07:52 - 2020-11-09 07:42 - 000000000 ____D C:\Users\Iveta\AppData\Local\NPE
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10.zip
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10 (1).zip
2020-10-31 18:03 - 2020-11-05 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-10-26 16:56 - 2020-10-26 16:56 - 000000216 _____ C:\Users\Iveta\dm_importspecialprices.crt
2020-10-26 11:33 - 2020-10-26 11:33 - 000000000 ____D C:\Users\Iveta\.gnupg
2020-10-26 09:36 - 2020-10-26 09:36 - 000000000 ____D C:\Users\Iveta\AppData\Local\JetBrains
2020-10-26 09:33 - 2020-10-26 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2020-10-26 09:32 - 2020-10-26 09:32 - 000000763 _____ C:\Users\Public\Desktop\PhpStorm 2020.2.3 x64.lnk
2020-10-26 09:32 - 2020-10-26 09:32 - 000000000 ____D C:\Program Files\JetBrains
2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2020-10-26 09:28 - 2020-10-26 09:29 - 333723200 _____ C:\Users\Iveta\Downloads\PhpStorm-2020.2.3.exe
2020-10-26 09:27 - 2020-10-26 09:27 - 000004096 _____ C:\Users\Iveta\Downloads\E4AXWUU8GJ.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000425313 _____ C:\Users\Iveta\Downloads\wpfreeshipping.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000021051 _____ C:\Users\Iveta\Downloads\wpheadertext.zip
2020-10-23 18:58 - 2020-10-23 18:58 - 000020495 _____ C:\Users\Iveta\Downloads\wppayinstore.zip
2020-10-23 11:51 - 2020-10-23 11:53 - 000000000 ___RD C:\Users\Iveta\Dropbox
2020-10-23 11:13 - 2020-10-23 11:13 - 000670312 _____ (Dropbox, Inc.) C:\Users\Iveta\Downloads\DropboxInstaller.exe
2020-10-23 09:16 - 2020-10-23 09:16 - 000154596 _____ C:\Users\Iveta\Downloads\PTV_TPS_PSB_CZ.pdf
2020-10-22 23:42 - 2020-10-22 23:42 - 000065496 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2020-10-22 23:42 - 2020-10-22 23:42 - 000036312 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2020-10-19 07:13 - 2020-10-19 07:13 - 000142758 _____ C:\Users\Iveta\Downloads\tax944663.pdf
2020-10-19 07:12 - 2020-10-19 07:12 - 000067437 _____ C:\Users\Iveta\Downloads\inv2368373.pdf
2020-10-16 14:08 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-10-16 14:08 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-10-13 22:29 - 2020-10-13 22:29 - 011630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-10-13 22:29 - 2020-10-13 22:29 - 009728512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 005507072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 004310016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-10-13 22:28 - 2020-10-13 22:28 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000800576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2020-10-13 22:28 - 2020-10-13 22:28 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000093112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2020-10-13 22:27 - 2020-10-13 22:27 - 032928928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 031599448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 025445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 018035200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 006307840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 005008896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004547072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004348928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003525600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003507200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002950264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002495248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002315984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002230224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002227512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002133312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001789752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001783984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001298752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001218048 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001139200 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000776704 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000513848 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-10-13 22:27 - 2020-10-13 22:27 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\provmigrate.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpupdate.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskperf.exe
2020-10-13 22:26 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 022646784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 007289344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 006525952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 005768256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 004608512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002585024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002262784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001958072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001672552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001665728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001617088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001564984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001477120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001436032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm60.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001397568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001335608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001327616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001182744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001077056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000833344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000784000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000741696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000693128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000682736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000599864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000593416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmdial32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000488568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000474432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000468944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000422000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000285560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000284504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-10-13 22:26 - 2020-10-13 22:26 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000188224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvEmulation.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000117208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000111536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000093512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000051632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupdate.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000021312 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-10-13 22:25 - 2020-10-13 22:25 - 014818304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 009924928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 007604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003748352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002986288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002777184 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002775688 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002696512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002092328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001916752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001845912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001653800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001154440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001053120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001004872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000933288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000907072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000890432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-13 22:25 - 2020-10-13 22:25 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000835672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmdial32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000551624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000546968 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-10-13 22:25 - 2020-10-13 22:25 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000437568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000362296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000204104 _____ (Microsoft Corporation) C:\WINDOWS\system32\unattend.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000188208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000165840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MuiUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\djoin.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptext.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000068416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PnPUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000035840 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscacheugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\netbtugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EsdSip.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-10-13 22:24 - 2020-10-13 22:25 - 000797456 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 007271752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 006437376 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004050944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003581248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003371168 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003327776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003232064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 002556224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002485248 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002455928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002260832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002074624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002007360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001947688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001833272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001618704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001614848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001512840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001366136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001259720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 001024656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000916760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000893624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000874304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000852280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000782656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000761672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000639392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000636856 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000604992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000598336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000586048 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000519496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000389440 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000363112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000353752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000343416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000234992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000205632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000192176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000180544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000160064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000141520 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000102720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000067656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000058888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 017790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003725824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002296832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002125392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001150264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 001092608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001086784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 001026800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000875400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000805184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000722080 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000589392 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000437056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000381656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000222528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000183616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000174400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000089928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000088360 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000076952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000056640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000030016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000016704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-10-13 21:24 - 2020-10-13 21:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-10-13 21:24 - 2020-10-13 21:25 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 16:03 - 2020-10-06 07:16 - 000000000 ____D C:\Users\Iveta\Documents\Soubory aplikace Outlook
2020-11-09 15:57 - 2019-08-02 09:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-09 14:59 - 2019-10-05 19:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-11-09 14:54 - 2020-08-03 12:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2020-11-09 14:52 - 2019-08-02 10:08 - 001846928 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-09 14:52 - 2019-03-19 12:55 - 000776806 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-09 14:52 - 2019-03-19 12:55 - 000168354 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-09 14:52 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-09 14:50 - 2019-03-19 05:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-11-09 14:47 - 2015-05-04 07:42 - 000000000 __SHD C:\Users\Iveta\IntelGraphicsProfiles
2020-11-09 14:46 - 2019-08-02 10:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-09 14:46 - 2016-10-12 03:20 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-09 14:44 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-06 15:16 - 2020-07-13 14:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-06 15:16 - 2020-07-13 14:03 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-05 21:11 - 2015-05-04 18:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-05 20:29 - 2015-05-09 11:34 - 000000000 ____D C:\Users\Iveta\Documents\WWW zálohy
2020-11-05 17:38 - 2015-05-04 16:54 - 000000000 ____D C:\Users\Iveta\Documents\Pracovní
2020-11-05 16:35 - 2016-12-08 22:55 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Mozilla
2020-11-05 16:32 - 2020-08-04 09:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-05 16:32 - 2015-08-28 08:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-11-05 10:35 - 2015-05-04 19:23 - 000000000 ____D C:\Users\Iveta\AppData\Local\CrashDumps
2020-11-05 07:46 - 2015-05-06 09:23 - 000000000 ____D C:\Program Files (x86)\Java
2020-11-04 12:42 - 2016-04-02 06:25 - 000000000 ____D C:\Program Files (x86)\seoadministrator
2020-11-04 12:42 - 2015-05-05 19:51 - 000000000 ____D C:\Program Files (x86)\Screen Courier
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\WD Discovery
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\.wdc
2020-11-04 09:15 - 2019-01-04 17:32 - 000000000 ____D C:\Program Files\WD Desktop App
2020-11-04 08:19 - 2019-08-02 09:57 - 000000000 ____D C:\Users\Iveta
2020-11-04 08:10 - 2016-10-14 05:50 - 000000000 ____D C:\ProgramData\Norton
2020-11-03 23:34 - 2015-05-04 19:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-03 15:57 - 2015-05-04 17:27 - 000000000 ____D C:\Users\Iveta\Documents\Smazat
2020-11-03 10:17 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW pracovní
2020-11-03 07:26 - 2015-05-04 16:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-03 07:26 - 2015-05-04 16:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-02 14:16 - 2019-04-05 17:44 - 001867252 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2020-11-02 09:36 - 2020-03-27 15:17 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\npm-cache
2020-11-02 08:28 - 2020-07-13 14:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-02 08:28 - 2020-07-13 14:03 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-30 22:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-10-30 19:47 - 2015-05-04 12:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-30 09:39 - 2017-12-17 10:14 - 000000000 ____D C:\Users\Iveta\AppData\Local\Packages
2020-10-30 07:27 - 2019-08-02 10:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-920122311-1960361517-2308721413-1001
2020-10-30 07:27 - 2019-08-02 09:57 - 000002361 _____ C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-30 07:27 - 2015-09-15 19:16 - 000000000 ___RD C:\Users\Iveta\OneDrive
2020-10-27 13:43 - 2018-02-24 12:26 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-10-26 14:22 - 2015-05-04 16:55 - 000000000 ____D C:\Users\Iveta\Documents\Osobní
2020-10-26 09:44 - 2015-05-04 17:03 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\JetBrains
2020-10-26 09:00 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW
2020-10-19 20:43 - 2019-08-02 11:21 - 000045775 ____H C:\Users\Iveta\AppData\Local\IconCache.db.backup
2020-10-17 09:40 - 2015-05-05 18:39 - 000001480 _____ C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-10-16 14:09 - 2016-10-29 22:54 - 000000000 ___RD C:\Users\Iveta\3D Objects
2020-10-16 14:09 - 2015-06-17 11:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-10-16 14:09 - 2015-05-04 05:29 - 000000402 ___SH C:\Users\Iveta\Documents\desktop (New).ini
2020-10-16 14:09 - 2015-05-04 05:29 - 000000282 ___RH C:\Users\Iveta\Desktop\desktop (New).ini
2020-10-16 14:07 - 2019-08-02 09:47 - 005370168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-10-14 23:12 - 2019-08-02 10:06 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-14 23:12 - 2019-08-02 10:06 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 22:46 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ () C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2015-08-24 09:17 - 2015-08-24 10:06 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2015-09-09 13:50 - 2019-07-23 20:08 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-01-20 11:49 - 2020-05-07 15:41 - 000000033 _____ () C:\Users\Iveta\AppData\Roaming\AdobeWLCMCache.dat
2015-08-03 08:36 - 2018-01-12 21:21 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2015-10-05 20:47 - 2020-10-05 20:10 - 000000128 _____ () C:\Users\Iveta\AppData\Roaming\winscp.rnd
2017-05-08 16:35 - 2017-05-08 16:35 - 000000038 ___SH () C:\Users\Iveta\AppData\Local\3132457594e445968615d80.28999810
2015-05-05 18:39 - 2020-10-17 09:40 - 000001480 _____ () C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-05-04 20:40 - 2017-02-02 09:44 - 000000058 _____ () C:\Users\Iveta\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2018-09-28 07:45 - 2018-09-28 07:45 - 000000000 _____ () C:\Users\Iveta\AppData\Local\oobelibMkey.log
2017-11-09 14:41 - 2017-11-09 14:41 - 000000768 _____ () C:\Users\Iveta\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 16:52
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 17:22
od Ivetaru
děkuji, log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-09-2020
# Duration: 00:01:00
# OS: Windows 10 Home
# Scanned: 31837
# Detected: 58


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\Windows\SysWOW64\_TSpm
PUP.Optional.Legacy C:\Windows\SysWOW64\_tWm
PUP.Optional.Legacy C:\Windows\System32\SSL
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\Iveta\AppData\Roaming\Seznam.cz
PUP.Optional.UnCheckIt C:\ProgramData\uckt

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\Public\Documents\report.dat

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKCU\SOFTWARE\9C2D81A3FD5C488226ADA099C2347377
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|Publisher
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|URLInfoAbout
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|UninstallString
PUP.Adware.Heuristic HKU\.DEFAULT\SOFTWARE\9C2D81A3FD5C488226ADA099C2347377
PUP.Adware.Heuristic HKU\S-1-5-18\SOFTWARE\9C2D81A3FD5C488226ADA099C2347377
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main|HomeButtonPage
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\WinZiper
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C}
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy cpngackimfmofbokmjmljamhdncknpmg
PUP.Optional.Seznam.cz Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
PUP.Optional.Seznam.cz Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

PUP.Optional.Legacy http://www.nuesearch.com/?type=hp&ts=14 ... D_W7716KR9
PUP.Optional.Legacy http://www.nuesearch.com/?type=hp&ts=14 ... D_W7716KR9
PUP.Optional.Legacy nuesearch
PUP.Optional.Legacy nuesearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoHotkeyManager Folder C:\Program Files\LENOVO\HOTKEY
Preinstalled.LenovoHotkeyManager Registry HKLM\Software\Classes\CLSID\{A48CA1A4-C36B-44f2-8090-19E08DF4365E}
Preinstalled.LenovoHotkeyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoOptMouseUpdate
Preinstalled.LenovoHotkeyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OnScreenDisplay
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Iveta\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoPowerManager Folder C:\Windows\SysWOW64\LENOVO\POWERMGR
Preinstalled.LenovoPowerManager Folder C:\Windows\System32\LENOVO\POWERMGR
Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
Preinstalled.LenovoREACHit Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT
Preinstalled.LenovoREACHit Folder C:\Users\Iveta\AppData\Local\LENOVO\REACHIT
Preinstalled.LenovoREACHit Registry HKLM\Software\Classes\CLSID\{2B3256D4-49AA-11D1-8429-0050AE509033}
Preinstalled.LenovoREACHit Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{2B3256D4-49AA-11D1-8429-0050AE509033}
Preinstalled.LenovoREACHit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 17:52
od Rudy
Nalezené položky smažte, nebo dejte do karantény a pak dejte nové logy FRST+Addition.

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 18:46
od Ivetaru
spustila jsem, ale stále "běží" a nic, tak alespoň logy z AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-09-2020
# Duration: 00:00:20
# OS: Windows 10 Home
# Cleaned: 36
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\uckt
Deleted C:\Users\Iveta\AppData\Roaming\Seznam.cz
Deleted C:\Windows\SysWOW64\_TSpm
Deleted C:\Windows\SysWOW64\_tWm
Deleted C:\Windows\System32\SSL

***** [ Files ] *****

Deleted C:\Users\Public\Documents\report.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\9C2D81A3FD5C488226ADA099C2347377
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main|HomeButtonPage
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
Deleted HKLM\Software\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Deleted HKLM\Software\Classes\TypeLib\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|Publisher
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|URLInfoAbout
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip|UninstallString
Deleted HKLM\Software\Wow6432Node\WinZiper
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKU\.DEFAULT\SOFTWARE\9C2D81A3FD5C488226ADA099C2347377
Deleted HKU\S-1-5-18\SOFTWARE\9C2D81A3FD5C488226ADA099C2347377

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted cpngackimfmofbokmjmljamhdncknpmg

***** [ Chromium URLs ] *****

Deleted http://www.nuesearch.com/?type=hp&ts=14 ... D_W7716KR9
Deleted http://www.nuesearch.com/?type=hp&ts=14 ... D_W7716KR9
Not Deleted nuesearch
Not Deleted nuesearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7066 octets] - [09/11/2020 17:07:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 18:51
od Rudy
Až doběhne, dejte nové logy FRST+Addition.

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 18:53
od Ivetaru
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2020
Ran by Iveta (administrator) on IVETA-RUMLEROVA (LENOVO 3259MCG) (09-11-2020 18:48:56)
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta
Platform: Windows 10 Home Version 1903 18362.1139 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagPriv.exe
(Western Digital Techologies -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe [9182176 2020-01-10] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.) [File not signed]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-31] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2018-06-01] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2019-01-02] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Screenshot Captor] => C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe [6852376 2012-07-06] (DONATIONCODER.COM LLC -> DonationCoder) [File not signed]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Iveta\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIR6E.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir14400_1215716017\old_msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge: (the data entry has 138 more characters). <==== ATTENTION
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\MountPoints2: {22986a71-0f7b-11e9-bf30-b888e3de6c61} - "E:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON L7160 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBR6E.DLL [182784 2016-08-02] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-03] (Google LLC -> Google LLC)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2020-11-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TickTick.lnk [2018-07-17]
ShortcutTarget: TickTick.lnk -> C:\Program Files (x86)\TickTick\TickTick.exe (Appest.com) [File not signed]
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D3A8E8-B8E4-426D-AF0C-7247011CEADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {083A6183-4AEF-40C6-8424-1484BF42890F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {08525A1C-9DA5-4DDB-A449-08F8A713D8E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {119E7BA2-556A-489D-8CFF-C5C3CCC18174} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {14A94EC1-FC51-4C29-8BCB-A639C35C869C} - \Optimize Start Menu Cache Files-S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {161E9434-7FA6-46E6-BB6D-49D73732FB68} - System32\Tasks\WD Device Agent Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720624 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {16227D00-6CAF-48F0-89BC-AC89CBF34B22} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {19CD006D-BE44-4D72-9670-7D686C672872} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [113024 2019-11-12] (Lenovo -> Lenovo)
Task: {1C7267CE-9ECE-4F18-A1E9-D370A3AD8CC6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {24C9634F-1033-4204-B624-9EAEDEAE9E70} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24D6D92E-6D31-4FB9-A22D-CFC0F57F6C97} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {26D35485-0B85-4CEB-841A-717C15C52980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2ACB2618-F1F4-4993-9DC0-836F663313E9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {2EB752B6-070A-4B9C-B38C-59EA2B90293E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {2EFF15EB-8868-4C5D-97AA-3141DABD16CD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40335F53-DAC0-42E3-8C61-F08C76150D44} - \WPD\SqmUpload_S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {41EB1A5B-C29A-47AC-B28A-654DD9754588} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {42B9CC78-B5D6-4587-8196-534B49454008} - System32\Tasks\Trigger KMS Activation => C:\KMSnano Final\TriggerKMS.exe [54784 2013-02-10] () [File not signed]
Task: {43156E03-5FCD-4416-84F8-12CA7F6C9759} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {4361DC2E-D5C8-4400-892F-831A101B1A24} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f45e0707-3310-4006-98d0-0f0f2dbb9d36 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {43DC4658-8D72-4A73-B798-8F4558D7884B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {4669933A-F9EE-4175-B560-75F0897C4408} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {551019E6-E1B8-4A2A-9686-03AA7D22880A} - System32\Tasks\WD Discovery Service Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-11-29] (Western Digital Technologies, Inc. -> )
Task: {5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {5DE81771-97DA-472A-8DF7-141FEC6403D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [667856 2020-10-31] (Mozilla Corporation -> Mozilla Foundation)
Task: {5E0F430B-E8A6-40D0-9A08-CCAAF20079E3} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {6213D423-62A9-4593-9DFE-1499BEE496AA} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {66C03512-B15B-4AB4-92DF-691F9F588F51} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6C6BF952-D309-4CD6-BC20-6C2C37EFAEBF} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [59776 2019-11-12] (Lenovo -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7B1CCD6F-1080-456E-905A-D4D7723BB571} - System32\Tasks\CupblueUpdateTaskMachineUA => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {7D347C14-1456-4C7E-AB13-53AC61C880F1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7F53DAB5-ECBC-4AC6-A46D-30B21FF0D547} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\71a64da2-7887-4731-9650-4b8554bf0dbd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8204FCCD-D668-468D-AA4C-AC654161D2D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {844FB30C-9FAB-480E-80F6-D0F47D6EF0DC} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8800B2C7-D6FA-4467-AB97-A87E0E25BAF6} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {8B53BF56-A87E-4E69-97EB-45297D6C4977} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {90752D23-4494-4B13-B03C-F7D66BC310BE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4222560 2016-10-03] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {92B63E48-2F65-4A9C-AF8D-4F164859C499} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {9D35156C-3DBC-42F0-A311-483A4E00CD7D} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {9da5907f-f37b-4640-8ddb-881a43c9fe96} - no filepath
Task: {9DC7130F-F279-4B04-91BC-645E1EB7083D} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {9F55A2EA-005F-4B7A-AA4D-F07A58B9D858} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {A59828F6-B3A5-4F62-9BE9-0DB9C109A85F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {ABEC7406-4233-49E9-A85A-076F0A7CD37F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AFB67115-937F-4473-BDD1-90F4081C1023} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B09A0183-8627-4209-8F91-D59A81543214} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B16D4493-D4BC-42AC-B681-251F389E1010} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html? ... LIBNKJHIKJ"
Task: {B47C4E46-1133-4552-BAAE-E63DFE3AF896} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1146776 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA69755F-8E4F-4A2B-A993-18DED861A758} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BDC865D7-1F68-408D-8BE0-01380142CFF7} - \AdobeAAMUpdater-1.0-Iveta-Rumlerova-Iveta -> No File <==== ATTENTION
Task: {C1E03E35-9879-4363-8CC1-65FDA98A9157} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4b4a5af-bf93-4406-8548-afc50aa009e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C6019B92-B7E9-49C4-9223-64A2471604FC} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D2B41DE8-4B69-402D-A8E5-B51C9945F6D9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D5F5EB11-CAA8-404C-8885-9320688D9345} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D8583876-74B2-48D9-B59F-4B6E2807AEFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D9335A1C-9788-4545-9A3A-118112B149C5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DE21874B-7B4A-4B6F-B6A4-0DAA6F70C257} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E30B9646-1B3F-4582-AAA4-328F4D815466} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {E396BF4A-BF40-49B0-8663-6E5A5677A19A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E5BB7FDE-ACA9-4FDB-81F3-0E48B8364F43} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E862A9B2-D32D-4119-83EB-0F83CF3B1557} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {ECF42CF1-5CA0-4836-BBF3-151FFB249565} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {EE7BCEAE-FEB7-4F10-9407-C25419ED6820} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {F31C70BB-659C-4D49-A534-1E3750CD9A82} - System32\Tasks\CupblueUpdateTaskMachineCore => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {F320E204-F550-4A83-A789-04EF25859F5E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FAA70618-3AB5-4C6A-BB05-263D1AC2261D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\ Update {700DF5E8-67F4-4B85-AC32-AC27A47931C4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR6E.EXE:/EXE:{700DF5E8-67F4-4B85-AC32-AC27A47931C4} /F:UpdateWORKGROUP\IVETA-RUMLEROVA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{1cdf01bc-e833-4f90-ba21-62c47bfafa1d}: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{6085ce70-8b05-4516-ba0b-8a96c4ff09e3}: [DhcpNameServer] 188.75.188.188 8.8.4.4

Edge:
======
DownloadDir: C:\Users\Iveta\Downloads
Edge Profile: C:\Users\Iveta\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-08]
Edge HomePage: Default -> hxxp://www.attirerpage.com/?type=hp&ts=1466062 ... D_W7716KR9
Edge StartupUrls: Default -> "hxxp://google.com/"

FireFox:
========
FF DefaultProfile: 5cqym3x0.default
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\014vkure.default-release [2020-08-04]
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default [2020-11-05]
FF Notifications: Mozilla\Firefox\Profiles\5cqym3x0.default -> hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\5cqym3x0.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-07]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-10-31]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-920122311-1960361517-2308721413-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2020-11-09] <==== ATTENTION
CHR Notifications: ChromeDefaultData -> hxxps://modrokamennabouda.cz; hxxps://www.arttec.cz; hxxps://www.facebook.com
CHR HomePage: ChromeDefaultData -> hxxp://lenovo13-comm.msn.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nuesearch.com/?type=hp&ts=146676335 ... oogle.com/"
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Insert Text) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\abmgjcmmphkhndoahbfanhbgeekconmm [2018-09-10]
CHR Extension: (Norton Password Manager) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\admmjipmmciaobhojoghlmleefbicajg [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Flash Player) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-08]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-11-09]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-18]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-10-10]
CHR Extension: (Norton Safe Web) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2020-11-02]
CHR Extension: (Google Analytics URL Builder) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gaidpiakchgkapdgbnoglpnbccdepnpk [2020-06-08]
CHR Extension: (CircleCount.com) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gfehmiknpngmjkhiieampgfppicbncid [2016-09-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-23]
CHR Extension: (Full Page Screenshot) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\glgomjpomoahpeekneidkinhcfjnnhmb [2018-03-15]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-05]
CHR Extension: (LinkedIn Sales Navigator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2019-03-21]
CHR Extension: (Projektový management Gantter) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\himomacamcpodhkahelbnmaddladgjgo [2019-09-12]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2016-05-31]
CHR Extension: (Norton Identity Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-02-04]
CHR Extension: (FormApps Extension) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Google Analytics Debugger) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jnkmfdileelhofjcijamephohjechhna [2019-08-02]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-10-19]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2020-11-09]
CHR Extension: (Loom for Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2020-10-23]
CHR Extension: (Norton Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2020-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Colour Extractor) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nndpibfappjacgbninhabcokfkdpnmpe [2016-06-20]
CHR Extension: (Image Color Picker - Pick your color online) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ocamglfcdanjnilooepglpjfmjabcgii [2016-06-20]
CHR Extension: (Collabim) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oinjknlpcckmnnjpodcifmifeghabelo [2016-06-20]
CHR Extension: (Palette Creator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2019-07-03]
CHR Extension: (Social Analytics) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pgckigmaefoaemjpijdepakcghjkggmg [2016-12-27]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-19]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
CHR HomePage: Default -> hxxp://www.ir-webdesign.com/
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-06-18]
CHR Extension: (Prezentace) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-18]
CHR Extension: (Kancelář) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahfpbkogcgkoecgolaojpcijkabngljl [2015-05-04]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-18]
CHR Extension: (Lucidchart Diagrams) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2020-06-18]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-06-18]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-04-08]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (chrometheme) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcjefhelakcgphlgkfebcahbpdbhdpo [2015-05-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-06-18]
CHR Extension: (Tabulky Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2020-06-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Gantter for Google Drive) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2015-05-04]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2015-08-24]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-06-18]
CHR Extension: (Notifications for Instagram) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2020-06-18]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-08]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cupblue\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo -> Lenovo)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-15] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (LENOVO -> Lenovo Group Limited)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 NortonSecurity; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [524632 2018-03-26] (Western Digital Techologies -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\BASHDefs\20201103.005\BHDrvx64.sys [1991536 2020-11-03] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET, spol. s r.o. -> ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-07-29] (Symantec Corporation -> Broadcom)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET, spol. s r.o. -> ESET)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-08-03] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\IPSDefs\20201106.061\IDSvia64.sys [1478496 2020-09-17] (Symantec Corporation -> Broadcom)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-28] (Malwarebytes Corporation -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 RCUVCAVS; C:\WINDOWS\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-05] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\SymPlatform\SymEvnt.sys [712368 2020-01-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 18:48 - 2020-11-09 18:49 - 000052117 _____ C:\Users\Iveta\Desktop\FRST.txt
2020-11-09 16:54 - 2020-11-09 16:54 - 008447152 _____ (Malwarebytes) C:\Users\Iveta\Downloads\adwcleaner_8.0.8.exe
2020-11-09 16:48 - 2020-11-09 16:48 - 000000000 ____D C:\Users\Iveta\Desktop\logy
2020-11-09 16:44 - 2020-11-09 16:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-11-09 15:10 - 2020-11-09 18:49 - 000000000 ____D C:\FRST
2020-11-09 14:58 - 2020-11-09 14:58 - 002298368 _____ (Farbar) C:\Users\Iveta\Desktop\FRST64.exe
2020-11-04 12:55 - 2020-11-04 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-11-04 12:55 - 2020-11-04 12:54 - 000069264 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Java
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Common Files\Oracle
2020-11-04 12:52 - 2020-11-04 12:53 - 167452312 _____ (Oracle Corporation) C:\Users\Iveta\Downloads\jdk-15.0.1_windows-x64_bin.exe
2020-11-04 12:47 - 2020-11-04 12:47 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Oracle
2020-11-03 07:52 - 2020-11-09 07:42 - 000000000 ____D C:\Users\Iveta\AppData\Local\NPE
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10.zip
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10 (1).zip
2020-10-31 18:03 - 2020-11-05 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-10-26 16:56 - 2020-10-26 16:56 - 000000216 _____ C:\Users\Iveta\dm_importspecialprices.crt
2020-10-26 11:33 - 2020-10-26 11:33 - 000000000 ____D C:\Users\Iveta\.gnupg
2020-10-26 09:36 - 2020-10-26 09:36 - 000000000 ____D C:\Users\Iveta\AppData\Local\JetBrains
2020-10-26 09:33 - 2020-10-26 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2020-10-26 09:32 - 2020-10-26 09:32 - 000000763 _____ C:\Users\Public\Desktop\PhpStorm 2020.2.3 x64.lnk
2020-10-26 09:32 - 2020-10-26 09:32 - 000000000 ____D C:\Program Files\JetBrains
2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2020-10-26 09:28 - 2020-10-26 09:29 - 333723200 _____ C:\Users\Iveta\Downloads\PhpStorm-2020.2.3.exe
2020-10-26 09:27 - 2020-10-26 09:27 - 000004096 _____ C:\Users\Iveta\Downloads\E4AXWUU8GJ.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000425313 _____ C:\Users\Iveta\Downloads\wpfreeshipping.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000021051 _____ C:\Users\Iveta\Downloads\wpheadertext.zip
2020-10-23 18:58 - 2020-10-23 18:58 - 000020495 _____ C:\Users\Iveta\Downloads\wppayinstore.zip
2020-10-23 11:51 - 2020-10-23 11:53 - 000000000 ___RD C:\Users\Iveta\Dropbox
2020-10-23 11:13 - 2020-10-23 11:13 - 000670312 _____ (Dropbox, Inc.) C:\Users\Iveta\Downloads\DropboxInstaller.exe
2020-10-23 09:16 - 2020-10-23 09:16 - 000154596 _____ C:\Users\Iveta\Downloads\PTV_TPS_PSB_CZ.pdf
2020-10-22 23:42 - 2020-10-22 23:42 - 000065496 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2020-10-22 23:42 - 2020-10-22 23:42 - 000036312 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2020-10-19 07:13 - 2020-10-19 07:13 - 000142758 _____ C:\Users\Iveta\Downloads\tax944663.pdf
2020-10-19 07:12 - 2020-10-19 07:12 - 000067437 _____ C:\Users\Iveta\Downloads\inv2368373.pdf
2020-10-16 14:08 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-10-16 14:08 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-10-13 22:29 - 2020-10-13 22:29 - 011630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-10-13 22:29 - 2020-10-13 22:29 - 009728512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 005507072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 004310016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-10-13 22:28 - 2020-10-13 22:28 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000800576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2020-10-13 22:28 - 2020-10-13 22:28 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000093112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2020-10-13 22:27 - 2020-10-13 22:27 - 032928928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 031599448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 025445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 018035200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 006307840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 005008896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004547072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004348928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003525600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003507200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002950264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002495248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002315984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002230224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002227512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002133312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001789752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001783984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001298752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001218048 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001139200 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000776704 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000513848 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-10-13 22:27 - 2020-10-13 22:27 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\provmigrate.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpupdate.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskperf.exe
2020-10-13 22:26 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 022646784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 007289344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 006525952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 005768256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 004608512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002585024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002262784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001958072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001672552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001665728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001617088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001564984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001477120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001436032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm60.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001397568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001335608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001327616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001182744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001077056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000833344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000784000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000741696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000693128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000682736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000599864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000593416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmdial32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000488568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000474432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000468944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000422000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000285560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000284504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-10-13 22:26 - 2020-10-13 22:26 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000188224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvEmulation.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000117208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000111536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000093512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000051632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupdate.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000021312 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-10-13 22:25 - 2020-10-13 22:25 - 014818304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 009924928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 007604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003748352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002986288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002777184 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002775688 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002696512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002092328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001916752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001845912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001653800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001154440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001053120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001004872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000933288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000907072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000890432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-13 22:25 - 2020-10-13 22:25 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000835672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmdial32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000551624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000546968 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-10-13 22:25 - 2020-10-13 22:25 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000437568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000362296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000204104 _____ (Microsoft Corporation) C:\WINDOWS\system32\unattend.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000188208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000165840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MuiUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\djoin.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptext.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000068416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PnPUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000035840 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscacheugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\netbtugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EsdSip.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-10-13 22:24 - 2020-10-13 22:25 - 000797456 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 007271752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 006437376 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004050944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003581248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003371168 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003327776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003232064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 002556224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002485248 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002455928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002260832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002074624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002007360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001947688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001833272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001618704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001614848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001512840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001366136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001259720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 001024656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000916760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000893624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000874304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000852280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000782656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000761672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000639392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000636856 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000604992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000598336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000586048 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000519496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000389440 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000363112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000353752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000343416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000234992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000205632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000192176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000180544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000160064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000141520 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000102720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000067656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000058888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 017790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003725824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002296832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002125392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001150264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 001092608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001086784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 001026800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000875400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000805184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000722080 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000589392 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000437056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000381656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000222528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000183616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000174400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000089928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000088360 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000076952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000056640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000030016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000016704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-10-13 21:24 - 2020-10-13 21:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-10-13 21:24 - 2020-10-13 21:25 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-09 18:49 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW pracovní
2020-11-09 18:38 - 2019-08-02 09:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-09 18:16 - 2019-10-05 19:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-11-09 18:13 - 2020-08-03 12:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2020-11-09 18:11 - 2019-08-02 10:08 - 001846928 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-09 18:11 - 2019-03-19 12:55 - 000776806 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-09 18:11 - 2019-03-19 12:55 - 000168354 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-09 18:11 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-09 18:04 - 2019-08-02 10:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-09 18:04 - 2016-10-12 03:20 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-09 18:04 - 2015-05-04 07:42 - 000000000 __SHD C:\Users\Iveta\IntelGraphicsProfiles
2020-11-09 18:03 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-11-09 17:56 - 2016-06-28 13:02 - 000000000 ____D C:\AdwCleaner
2020-11-09 16:41 - 2020-10-06 07:16 - 000000000 ____D C:\Users\Iveta\Documents\Soubory aplikace Outlook
2020-11-09 14:50 - 2019-03-19 05:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-06 15:16 - 2020-07-13 14:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-06 15:16 - 2020-07-13 14:03 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-05 21:11 - 2015-05-04 18:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-05 20:29 - 2015-05-09 11:34 - 000000000 ____D C:\Users\Iveta\Documents\WWW zálohy
2020-11-05 17:38 - 2015-05-04 16:54 - 000000000 ____D C:\Users\Iveta\Documents\Pracovní
2020-11-05 16:35 - 2016-12-08 22:55 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Mozilla
2020-11-05 16:32 - 2020-08-04 09:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-05 16:32 - 2015-08-28 08:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-11-05 10:35 - 2015-05-04 19:23 - 000000000 ____D C:\Users\Iveta\AppData\Local\CrashDumps
2020-11-05 07:46 - 2015-05-06 09:23 - 000000000 ____D C:\Program Files (x86)\Java
2020-11-04 12:42 - 2016-04-02 06:25 - 000000000 ____D C:\Program Files (x86)\seoadministrator
2020-11-04 12:42 - 2015-05-05 19:51 - 000000000 ____D C:\Program Files (x86)\Screen Courier
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\WD Discovery
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\.wdc
2020-11-04 09:15 - 2019-01-04 17:32 - 000000000 ____D C:\Program Files\WD Desktop App
2020-11-04 08:19 - 2019-08-02 09:57 - 000000000 ____D C:\Users\Iveta
2020-11-04 08:10 - 2016-10-14 05:50 - 000000000 ____D C:\ProgramData\Norton
2020-11-03 23:34 - 2015-05-04 19:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-03 15:57 - 2015-05-04 17:27 - 000000000 ____D C:\Users\Iveta\Documents\Smazat
2020-11-03 07:26 - 2015-05-04 16:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-03 07:26 - 2015-05-04 16:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-02 14:16 - 2019-04-05 17:44 - 001867252 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2020-11-02 09:36 - 2020-03-27 15:17 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\npm-cache
2020-11-02 08:28 - 2020-07-13 14:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-02 08:28 - 2020-07-13 14:03 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-30 22:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-10-30 19:47 - 2015-05-04 12:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-30 09:39 - 2017-12-17 10:14 - 000000000 ____D C:\Users\Iveta\AppData\Local\Packages
2020-10-30 07:27 - 2019-08-02 10:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-920122311-1960361517-2308721413-1001
2020-10-30 07:27 - 2019-08-02 09:57 - 000002361 _____ C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-30 07:27 - 2015-09-15 19:16 - 000000000 ___RD C:\Users\Iveta\OneDrive
2020-10-27 13:43 - 2018-02-24 12:26 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-10-26 14:22 - 2015-05-04 16:55 - 000000000 ____D C:\Users\Iveta\Documents\Osobní
2020-10-26 09:44 - 2015-05-04 17:03 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\JetBrains
2020-10-26 09:00 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW
2020-10-19 20:43 - 2019-08-02 11:21 - 000045775 ____H C:\Users\Iveta\AppData\Local\IconCache.db.backup
2020-10-17 09:40 - 2015-05-05 18:39 - 000001480 _____ C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-10-16 14:09 - 2016-10-29 22:54 - 000000000 ___RD C:\Users\Iveta\3D Objects
2020-10-16 14:09 - 2015-06-17 11:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-10-16 14:09 - 2015-05-04 05:29 - 000000402 ___SH C:\Users\Iveta\Documents\desktop (New).ini
2020-10-16 14:09 - 2015-05-04 05:29 - 000000282 ___RH C:\Users\Iveta\Desktop\desktop (New).ini
2020-10-16 14:07 - 2019-08-02 09:47 - 005370168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-10-14 23:12 - 2019-08-02 10:06 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-14 23:12 - 2019-08-02 10:06 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 22:46 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ () C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2015-08-24 09:17 - 2015-08-24 10:06 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2015-09-09 13:50 - 2019-07-23 20:08 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-01-20 11:49 - 2020-05-07 15:41 - 000000033 _____ () C:\Users\Iveta\AppData\Roaming\AdobeWLCMCache.dat
2015-08-03 08:36 - 2018-01-12 21:21 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2015-10-05 20:47 - 2020-10-05 20:10 - 000000128 _____ () C:\Users\Iveta\AppData\Roaming\winscp.rnd
2017-05-08 16:35 - 2017-05-08 16:35 - 000000038 ___SH () C:\Users\Iveta\AppData\Local\3132457594e445968615d80.28999810
2015-05-05 18:39 - 2020-10-17 09:40 - 000001480 _____ () C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-05-04 20:40 - 2017-02-02 09:44 - 000000058 _____ () C:\Users\Iveta\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2018-09-28 07:45 - 2018-09-28 07:45 - 000000000 _____ () C:\Users\Iveta\AppData\Local\oobelibMkey.log
2017-11-09 14:41 - 2017-11-09 14:41 - 000000768 _____ () C:\Users\Iveta\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 18:55
od Ivetaru
pustila jsem znovu, ale mám jen první log na druhém se to sekne a chování počítače je stále horší, dělá mi problém i vkládat sem logy a psát, vždy mi vše zmizí a vyzpětuje se...

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 18:56
od Ivetaru
proto píšu tak divně, snažím se hlavně dostat sem informace

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 18:57
od Ivetaru
konečně
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2020
Ran by Iveta (administrator) on IVETA-RUMLEROVA (LENOVO 3259MCG) (09-11-2020 18:48:56)
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta
Platform: Windows 10 Home Version 1903 18362.1139 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagPriv.exe
(Western Digital Techologies -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe [9182176 2020-01-10] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.) [File not signed]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-31] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2018-06-01] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2019-01-02] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Screenshot Captor] => C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe [6852376 2012-07-06] (DONATIONCODER.COM LLC -> DonationCoder) [File not signed]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Iveta\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIR6E.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir14400_1215716017\old_msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge: (the data entry has 138 more characters). <==== ATTENTION
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\MountPoints2: {22986a71-0f7b-11e9-bf30-b888e3de6c61} - "E:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON L7160 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBR6E.DLL [182784 2016-08-02] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-03] (Google LLC -> Google LLC)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2020-11-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TickTick.lnk [2018-07-17]
ShortcutTarget: TickTick.lnk -> C:\Program Files (x86)\TickTick\TickTick.exe (Appest.com) [File not signed]
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D3A8E8-B8E4-426D-AF0C-7247011CEADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {083A6183-4AEF-40C6-8424-1484BF42890F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {08525A1C-9DA5-4DDB-A449-08F8A713D8E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {119E7BA2-556A-489D-8CFF-C5C3CCC18174} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {14A94EC1-FC51-4C29-8BCB-A639C35C869C} - \Optimize Start Menu Cache Files-S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {161E9434-7FA6-46E6-BB6D-49D73732FB68} - System32\Tasks\WD Device Agent Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720624 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {16227D00-6CAF-48F0-89BC-AC89CBF34B22} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {19CD006D-BE44-4D72-9670-7D686C672872} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [113024 2019-11-12] (Lenovo -> Lenovo)
Task: {1C7267CE-9ECE-4F18-A1E9-D370A3AD8CC6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {24C9634F-1033-4204-B624-9EAEDEAE9E70} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24D6D92E-6D31-4FB9-A22D-CFC0F57F6C97} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {26D35485-0B85-4CEB-841A-717C15C52980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2ACB2618-F1F4-4993-9DC0-836F663313E9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {2EB752B6-070A-4B9C-B38C-59EA2B90293E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {2EFF15EB-8868-4C5D-97AA-3141DABD16CD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40335F53-DAC0-42E3-8C61-F08C76150D44} - \WPD\SqmUpload_S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {41EB1A5B-C29A-47AC-B28A-654DD9754588} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {42B9CC78-B5D6-4587-8196-534B49454008} - System32\Tasks\Trigger KMS Activation => C:\KMSnano Final\TriggerKMS.exe [54784 2013-02-10] () [File not signed]
Task: {43156E03-5FCD-4416-84F8-12CA7F6C9759} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {4361DC2E-D5C8-4400-892F-831A101B1A24} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f45e0707-3310-4006-98d0-0f0f2dbb9d36 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {43DC4658-8D72-4A73-B798-8F4558D7884B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {4669933A-F9EE-4175-B560-75F0897C4408} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {551019E6-E1B8-4A2A-9686-03AA7D22880A} - System32\Tasks\WD Discovery Service Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-11-29] (Western Digital Technologies, Inc. -> )
Task: {5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {5DE81771-97DA-472A-8DF7-141FEC6403D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [667856 2020-10-31] (Mozilla Corporation -> Mozilla Foundation)
Task: {5E0F430B-E8A6-40D0-9A08-CCAAF20079E3} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {6213D423-62A9-4593-9DFE-1499BEE496AA} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {66C03512-B15B-4AB4-92DF-691F9F588F51} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6C6BF952-D309-4CD6-BC20-6C2C37EFAEBF} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [59776 2019-11-12] (Lenovo -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7B1CCD6F-1080-456E-905A-D4D7723BB571} - System32\Tasks\CupblueUpdateTaskMachineUA => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {7D347C14-1456-4C7E-AB13-53AC61C880F1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7F53DAB5-ECBC-4AC6-A46D-30B21FF0D547} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\71a64da2-7887-4731-9650-4b8554bf0dbd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8204FCCD-D668-468D-AA4C-AC654161D2D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {844FB30C-9FAB-480E-80F6-D0F47D6EF0DC} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8800B2C7-D6FA-4467-AB97-A87E0E25BAF6} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {8B53BF56-A87E-4E69-97EB-45297D6C4977} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {90752D23-4494-4B13-B03C-F7D66BC310BE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4222560 2016-10-03] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {92B63E48-2F65-4A9C-AF8D-4F164859C499} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {9D35156C-3DBC-42F0-A311-483A4E00CD7D} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {9da5907f-f37b-4640-8ddb-881a43c9fe96} - no filepath
Task: {9DC7130F-F279-4B04-91BC-645E1EB7083D} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {9F55A2EA-005F-4B7A-AA4D-F07A58B9D858} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {A59828F6-B3A5-4F62-9BE9-0DB9C109A85F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {ABEC7406-4233-49E9-A85A-076F0A7CD37F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AFB67115-937F-4473-BDD1-90F4081C1023} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B09A0183-8627-4209-8F91-D59A81543214} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B16D4493-D4BC-42AC-B681-251F389E1010} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html? ... LIBNKJHIKJ"
Task: {B47C4E46-1133-4552-BAAE-E63DFE3AF896} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1146776 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA69755F-8E4F-4A2B-A993-18DED861A758} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BDC865D7-1F68-408D-8BE0-01380142CFF7} - \AdobeAAMUpdater-1.0-Iveta-Rumlerova-Iveta -> No File <==== ATTENTION
Task: {C1E03E35-9879-4363-8CC1-65FDA98A9157} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4b4a5af-bf93-4406-8548-afc50aa009e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C6019B92-B7E9-49C4-9223-64A2471604FC} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D2B41DE8-4B69-402D-A8E5-B51C9945F6D9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D5F5EB11-CAA8-404C-8885-9320688D9345} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D8583876-74B2-48D9-B59F-4B6E2807AEFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D9335A1C-9788-4545-9A3A-118112B149C5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DE21874B-7B4A-4B6F-B6A4-0DAA6F70C257} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E30B9646-1B3F-4582-AAA4-328F4D815466} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {E396BF4A-BF40-49B0-8663-6E5A5677A19A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E5BB7FDE-ACA9-4FDB-81F3-0E48B8364F43} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E862A9B2-D32D-4119-83EB-0F83CF3B1557} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {ECF42CF1-5CA0-4836-BBF3-151FFB249565} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {EE7BCEAE-FEB7-4F10-9407-C25419ED6820} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {F31C70BB-659C-4D49-A534-1E3750CD9A82} - System32\Tasks\CupblueUpdateTaskMachineCore => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {F320E204-F550-4A83-A789-04EF25859F5E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FAA70618-3AB5-4C6A-BB05-263D1AC2261D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\ Update {700DF5E8-67F4-4B85-AC32-AC27A47931C4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR6E.EXE:/EXE:{700DF5E8-67F4-4B85-AC32-AC27A47931C4} /F:UpdateWORKGROUP\IVETA-RUMLEROVA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{1cdf01bc-e833-4f90-ba21-62c47bfafa1d}: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{6085ce70-8b05-4516-ba0b-8a96c4ff09e3}: [DhcpNameServer] 188.75.188.188 8.8.4.4

Edge:
======
DownloadDir: C:\Users\Iveta\Downloads
Edge Profile: C:\Users\Iveta\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-08]
Edge HomePage: Default -> hxxp://www.attirerpage.com/?type=hp&ts=1466062 ... D_W7716KR9
Edge StartupUrls: Default -> "hxxp://google.com/"

FireFox:
========
FF DefaultProfile: 5cqym3x0.default
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\014vkure.default-release [2020-08-04]
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default [2020-11-05]
FF Notifications: Mozilla\Firefox\Profiles\5cqym3x0.default -> hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\5cqym3x0.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-07]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-10-31]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-920122311-1960361517-2308721413-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2020-11-09] <==== ATTENTION
CHR Notifications: ChromeDefaultData -> hxxps://modrokamennabouda.cz; hxxps://www.arttec.cz; hxxps://www.facebook.com
CHR HomePage: ChromeDefaultData -> hxxp://lenovo13-comm.msn.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nuesearch.com/?type=hp&ts=146676335 ... oogle.com/"
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Insert Text) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\abmgjcmmphkhndoahbfanhbgeekconmm [2018-09-10]
CHR Extension: (Norton Password Manager) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\admmjipmmciaobhojoghlmleefbicajg [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Flash Player) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-08]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-11-09]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-18]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-10-10]
CHR Extension: (Norton Safe Web) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2020-11-02]
CHR Extension: (Google Analytics URL Builder) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gaidpiakchgkapdgbnoglpnbccdepnpk [2020-06-08]
CHR Extension: (CircleCount.com) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gfehmiknpngmjkhiieampgfppicbncid [2016-09-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-23]
CHR Extension: (Full Page Screenshot) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\glgomjpomoahpeekneidkinhcfjnnhmb [2018-03-15]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-05]
CHR Extension: (LinkedIn Sales Navigator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2019-03-21]
CHR Extension: (Projektový management Gantter) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\himomacamcpodhkahelbnmaddladgjgo [2019-09-12]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2016-05-31]
CHR Extension: (Norton Identity Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-02-04]
CHR Extension: (FormApps Extension) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Google Analytics Debugger) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jnkmfdileelhofjcijamephohjechhna [2019-08-02]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-10-19]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2020-11-09]
CHR Extension: (Loom for Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2020-10-23]
CHR Extension: (Norton Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2020-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Colour Extractor) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nndpibfappjacgbninhabcokfkdpnmpe [2016-06-20]
CHR Extension: (Image Color Picker - Pick your color online) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ocamglfcdanjnilooepglpjfmjabcgii [2016-06-20]
CHR Extension: (Collabim) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oinjknlpcckmnnjpodcifmifeghabelo [2016-06-20]
CHR Extension: (Palette Creator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2019-07-03]
CHR Extension: (Social Analytics) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pgckigmaefoaemjpijdepakcghjkggmg [2016-12-27]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-19]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
CHR HomePage: Default -> hxxp://www.ir-webdesign.com/
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-06-18]
CHR Extension: (Prezentace) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-18]
CHR Extension: (Kancelář) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahfpbkogcgkoecgolaojpcijkabngljl [2015-05-04]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-18]
CHR Extension: (Lucidchart Diagrams) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2020-06-18]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-06-18]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-04-08]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (chrometheme) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcjefhelakcgphlgkfebcahbpdbhdpo [2015-05-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-06-18]
CHR Extension: (Tabulky Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2020-06-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Gantter for Google Drive) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2015-05-04]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2015-08-24]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-06-18]
CHR Extension: (Notifications for Instagram) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2020-06-18]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-08]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cupblue\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo -> Lenovo)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-15] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (LENOVO -> Lenovo Group Limited)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 NortonSecurity; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [524632 2018-03-26] (Western Digital Techologies -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\BASHDefs\20201103.005\BHDrvx64.sys [1991536 2020-11-03] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET, spol. s r.o. -> ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-07-29] (Symantec Corporation -> Broadcom)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET, spol. s r.o. -> ESET)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-08-03] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\IPSDefs\20201106.061\IDSvia64.sys [1478496 2020-09-17] (Symantec Corporation -> Broadcom)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-28] (Malwarebytes Corporation -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 RCUVCAVS; C:\WINDOWS\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-05] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\SymPlatform\SymEvnt.sys [712368 2020-01-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 18:48 - 2020-11-09 18:49 - 000052117 _____ C:\Users\Iveta\Desktop\FRST.txt
2020-11-09 16:54 - 2020-11-09 16:54 - 008447152 _____ (Malwarebytes) C:\Users\Iveta\Downloads\adwcleaner_8.0.8.exe
2020-11-09 16:48 - 2020-11-09 16:48 - 000000000 ____D C:\Users\Iveta\Desktop\logy
2020-11-09 16:44 - 2020-11-09 16:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-11-09 15:10 - 2020-11-09 18:49 - 000000000 ____D C:\FRST
2020-11-09 14:58 - 2020-11-09 14:58 - 002298368 _____ (Farbar) C:\Users\Iveta\Desktop\FRST64.exe
2020-11-04 12:55 - 2020-11-04 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-11-04 12:55 - 2020-11-04 12:54 - 000069264 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Java
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Common Files\Oracle
2020-11-04 12:52 - 2020-11-04 12:53 - 167452312 _____ (Oracle Corporation) C:\Users\Iveta\Downloads\jdk-15.0.1_windows-x64_bin.exe
2020-11-04 12:47 - 2020-11-04 12:47 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Oracle
2020-11-03 07:52 - 2020-11-09 07:42 - 000000000 ____D C:\Users\Iveta\AppData\Local\NPE
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10.zip
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10 (1).zip
2020-10-31 18:03 - 2020-11-05 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-10-26 16:56 - 2020-10-26 16:56 - 000000216 _____ C:\Users\Iveta\dm_importspecialprices.crt
2020-10-26 11:33 - 2020-10-26 11:33 - 000000000 ____D C:\Users\Iveta\.gnupg
2020-10-26 09:36 - 2020-10-26 09:36 - 000000000 ____D C:\Users\Iveta\AppData\Local\JetBrains
2020-10-26 09:33 - 2020-10-26 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2020-10-26 09:32 - 2020-10-26 09:32 - 000000763 _____ C:\Users\Public\Desktop\PhpStorm 2020.2.3 x64.lnk
2020-10-26 09:32 - 2020-10-26 09:32 - 000000000 ____D C:\Program Files\JetBrains
2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2020-10-26 09:28 - 2020-10-26 09:29 - 333723200 _____ C:\Users\Iveta\Downloads\PhpStorm-2020.2.3.exe
2020-10-26 09:27 - 2020-10-26 09:27 - 000004096 _____ C:\Users\Iveta\Downloads\E4AXWUU8GJ.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000425313 _____ C:\Users\Iveta\Downloads\wpfreeshipping.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000021051 _____ C:\Users\Iveta\Downloads\wpheadertext.zip
2020-10-23 18:58 - 2020-10-23 18:58 - 000020495 _____ C:\Users\Iveta\Downloads\wppayinstore.zip
2020-10-23 11:51 - 2020-10-23 11:53 - 000000000 ___RD C:\Users\Iveta\Dropbox
2020-10-23 11:13 - 2020-10-23 11:13 - 000670312 _____ (Dropbox, Inc.) C:\Users\Iveta\Downloads\DropboxInstaller.exe
2020-10-23 09:16 - 2020-10-23 09:16 - 000154596 _____ C:\Users\Iveta\Downloads\PTV_TPS_PSB_CZ.pdf
2020-10-22 23:42 - 2020-10-22 23:42 - 000065496 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2020-10-22 23:42 - 2020-10-22 23:42 - 000036312 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2020-10-19 07:13 - 2020-10-19 07:13 - 000142758 _____ C:\Users\Iveta\Downloads\tax944663.pdf
2020-10-19 07:12 - 2020-10-19 07:12 - 000067437 _____ C:\Users\Iveta\Downloads\inv2368373.pdf
2020-10-16 14:08 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-10-16 14:08 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-10-13 22:29 - 2020-10-13 22:29 - 011630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-10-13 22:29 - 2020-10-13 22:29 - 009728512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 005507072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 004310016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-10-13 22:28 - 2020-10-13 22:28 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000800576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2020-10-13 22:28 - 2020-10-13 22:28 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000093112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2020-10-13 22:27 - 2020-10-13 22:27 - 032928928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 031599448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 025445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 018035200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 006307840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 005008896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004547072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004348928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003525600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003507200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002950264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002495248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002315984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002230224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002227512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002133312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001789752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001783984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001298752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001218048 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001139200 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000776704 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000513848 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-10-13 22:27 - 2020-10-13 22:27 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\provmigrate.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpupdate.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskperf.exe
2020-10-13 22:26 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 022646784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 007289344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 006525952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 005768256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 004608512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002585024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002262784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001958072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001672552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001665728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001617088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001564984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001477120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001436032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm60.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001397568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001335608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001327616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001182744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001077056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000833344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000784000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000741696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000693128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000682736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000599864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000593416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmdial32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000488568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000474432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000468944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000422000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000285560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000284504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-10-13 22:26 - 2020-10-13 22:26 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000188224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvEmulation.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000117208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000111536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000093512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000051632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupdate.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000021312 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-10-13 22:25 - 2020-10-13 22:25 - 014818304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 009924928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 007604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003748352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002986288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002777184 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002775688 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002696512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002092328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001916752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001845912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001653800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001154440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001053120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001004872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000933288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000907072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000890432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-13 22:25 - 2020-10-13 22:25 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000835672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmdial32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000551624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000546968 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-10-13 22:25 - 2020-10-13 22:25 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000437568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000362296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000204104 _____ (Microsoft Corporation) C:\WINDOWS\system32\unattend.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000188208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000165840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MuiUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\djoin.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptext.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000068416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PnPUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000035840 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscacheugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\netbtugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EsdSip.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-10-13 22:24 - 2020-10-13 22:25 - 000797456 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 007271752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 006437376 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004050944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003581248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003371168 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003327776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003232064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 002556224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002485248 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002455928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002260832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002074624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002007360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001947688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001833272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001618704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001614848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001512840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001366136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001259720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 001024656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000916760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000893624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000874304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000852280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000782656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000761672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000639392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000636856 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000604992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000598336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000586048 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000519496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000389440 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000363112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000353752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000343416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000234992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000205632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000192176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000180544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000160064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000141520 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000102720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000067656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000058888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 017790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003725824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002296832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002125392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001150264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 001092608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001086784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 001026800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000875400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000805184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000722080 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000589392 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000437056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000381656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000222528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000183616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000174400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000089928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000088360 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000076952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000056640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000030016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000016704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-10-13 21:24 - 2020-10-13 21:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-10-13 21:24 - 2020-10-13 21:25 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-09 18:49 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW pracovní
2020-11-09 18:38 - 2019-08-02 09:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-09 18:16 - 2019-10-05 19:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-11-09 18:13 - 2020-08-03 12:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2020-11-09 18:11 - 2019-08-02 10:08 - 001846928 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-09 18:11 - 2019-03-19 12:55 - 000776806 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-09 18:11 - 2019-03-19 12:55 - 000168354 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-09 18:11 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-09 18:04 - 2019-08-02 10:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-09 18:04 - 2016-10-12 03:20 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-09 18:04 - 2015-05-04 07:42 - 000000000 __SHD C:\Users\Iveta\IntelGraphicsProfiles
2020-11-09 18:03 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-11-09 17:56 - 2016-06-28 13:02 - 000000000 ____D C:\AdwCleaner
2020-11-09 16:41 - 2020-10-06 07:16 - 000000000 ____D C:\Users\Iveta\Documents\Soubory aplikace Outlook
2020-11-09 14:50 - 2019-03-19 05:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-06 15:16 - 2020-07-13 14:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-06 15:16 - 2020-07-13 14:03 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-05 21:11 - 2015-05-04 18:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-05 20:29 - 2015-05-09 11:34 - 000000000 ____D C:\Users\Iveta\Documents\WWW zálohy
2020-11-05 17:38 - 2015-05-04 16:54 - 000000000 ____D C:\Users\Iveta\Documents\Pracovní
2020-11-05 16:35 - 2016-12-08 22:55 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Mozilla
2020-11-05 16:32 - 2020-08-04 09:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-05 16:32 - 2015-08-28 08:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-11-05 10:35 - 2015-05-04 19:23 - 000000000 ____D C:\Users\Iveta\AppData\Local\CrashDumps
2020-11-05 07:46 - 2015-05-06 09:23 - 000000000 ____D C:\Program Files (x86)\Java
2020-11-04 12:42 - 2016-04-02 06:25 - 000000000 ____D C:\Program Files (x86)\seoadministrator
2020-11-04 12:42 - 2015-05-05 19:51 - 000000000 ____D C:\Program Files (x86)\Screen Courier
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\WD Discovery
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\.wdc
2020-11-04 09:15 - 2019-01-04 17:32 - 000000000 ____D C:\Program Files\WD Desktop App
2020-11-04 08:19 - 2019-08-02 09:57 - 000000000 ____D C:\Users\Iveta
2020-11-04 08:10 - 2016-10-14 05:50 - 000000000 ____D C:\ProgramData\Norton
2020-11-03 23:34 - 2015-05-04 19:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-03 15:57 - 2015-05-04 17:27 - 000000000 ____D C:\Users\Iveta\Documents\Smazat
2020-11-03 07:26 - 2015-05-04 16:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-03 07:26 - 2015-05-04 16:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-02 14:16 - 2019-04-05 17:44 - 001867252 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2020-11-02 09:36 - 2020-03-27 15:17 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\npm-cache
2020-11-02 08:28 - 2020-07-13 14:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-02 08:28 - 2020-07-13 14:03 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-30 22:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-10-30 19:47 - 2015-05-04 12:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-30 09:39 - 2017-12-17 10:14 - 000000000 ____D C:\Users\Iveta\AppData\Local\Packages
2020-10-30 07:27 - 2019-08-02 10:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-920122311-1960361517-2308721413-1001
2020-10-30 07:27 - 2019-08-02 09:57 - 000002361 _____ C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-30 07:27 - 2015-09-15 19:16 - 000000000 ___RD C:\Users\Iveta\OneDrive
2020-10-27 13:43 - 2018-02-24 12:26 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-10-26 14:22 - 2015-05-04 16:55 - 000000000 ____D C:\Users\Iveta\Documents\Osobní
2020-10-26 09:44 - 2015-05-04 17:03 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\JetBrains
2020-10-26 09:00 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW
2020-10-19 20:43 - 2019-08-02 11:21 - 000045775 ____H C:\Users\Iveta\AppData\Local\IconCache.db.backup
2020-10-17 09:40 - 2015-05-05 18:39 - 000001480 _____ C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-10-16 14:09 - 2016-10-29 22:54 - 000000000 ___RD C:\Users\Iveta\3D Objects
2020-10-16 14:09 - 2015-06-17 11:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-10-16 14:09 - 2015-05-04 05:29 - 000000402 ___SH C:\Users\Iveta\Documents\desktop (New).ini
2020-10-16 14:09 - 2015-05-04 05:29 - 000000282 ___RH C:\Users\Iveta\Desktop\desktop (New).ini
2020-10-16 14:07 - 2019-08-02 09:47 - 005370168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-10-14 23:12 - 2019-08-02 10:06 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-14 23:12 - 2019-08-02 10:06 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 22:46 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ () C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2015-08-24 09:17 - 2015-08-24 10:06 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2015-09-09 13:50 - 2019-07-23 20:08 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-01-20 11:49 - 2020-05-07 15:41 - 000000033 _____ () C:\Users\Iveta\AppData\Roaming\AdobeWLCMCache.dat
2015-08-03 08:36 - 2018-01-12 21:21 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2015-10-05 20:47 - 2020-10-05 20:10 - 000000128 _____ () C:\Users\Iveta\AppData\Roaming\winscp.rnd
2017-05-08 16:35 - 2017-05-08 16:35 - 000000038 ___SH () C:\Users\Iveta\AppData\Local\3132457594e445968615d80.28999810
2015-05-05 18:39 - 2020-10-17 09:40 - 000001480 _____ () C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-05-04 20:40 - 2017-02-02 09:44 - 000000058 _____ () C:\Users\Iveta\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2018-09-28 07:45 - 2018-09-28 07:45 - 000000000 _____ () C:\Users\Iveta\AppData\Local\oobelibMkey.log
2017-11-09 14:41 - 2017-11-09 14:41 - 000000768 _____ () C:\Users\Iveta\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 18:57
od Ivetaru
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2020
Ran by Iveta (administrator) on IVETA-RUMLEROVA (LENOVO 3259MCG) (09-11-2020 18:48:56)
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta
Platform: Windows 10 Home Version 1903 18362.1139 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Ricoh co.,Ltd.) [File not signed] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2018\SnagPriv.exe
(Western Digital Techologies -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2018\Snagit32.exe [9182176 2020-01-10] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.) [File not signed]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-31] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2018-06-01] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2019-01-02] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Screenshot Captor] => C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe [6852376 2012-07-06] (DONATIONCODER.COM LLC -> DonationCoder) [File not signed]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Iveta\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIR6E.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir14400_1215716017\old_msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge: (the data entry has 138 more characters). <==== ATTENTION
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\MountPoints2: {22986a71-0f7b-11e9-bf30-b888e3de6c61} - "E:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON L7160 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBR6E.DLL [182784 2016-08-02] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-03] (Google LLC -> Google LLC)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2020-11-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TickTick.lnk [2018-07-17]
ShortcutTarget: TickTick.lnk -> C:\Program Files (x86)\TickTick\TickTick.exe (Appest.com) [File not signed]
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D3A8E8-B8E4-426D-AF0C-7247011CEADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {083A6183-4AEF-40C6-8424-1484BF42890F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {08525A1C-9DA5-4DDB-A449-08F8A713D8E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {119E7BA2-556A-489D-8CFF-C5C3CCC18174} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {14A94EC1-FC51-4C29-8BCB-A639C35C869C} - \Optimize Start Menu Cache Files-S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {161E9434-7FA6-46E6-BB6D-49D73732FB68} - System32\Tasks\WD Device Agent Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720624 2019-11-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {16227D00-6CAF-48F0-89BC-AC89CBF34B22} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {19CD006D-BE44-4D72-9670-7D686C672872} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [113024 2019-11-12] (Lenovo -> Lenovo)
Task: {1C7267CE-9ECE-4F18-A1E9-D370A3AD8CC6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {24C9634F-1033-4204-B624-9EAEDEAE9E70} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24D6D92E-6D31-4FB9-A22D-CFC0F57F6C97} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {26D35485-0B85-4CEB-841A-717C15C52980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2ACB2618-F1F4-4993-9DC0-836F663313E9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758648 2020-09-08] (Lenovo -> )
Task: {2EB752B6-070A-4B9C-B38C-59EA2B90293E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {2EFF15EB-8868-4C5D-97AA-3141DABD16CD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40335F53-DAC0-42E3-8C61-F08C76150D44} - \WPD\SqmUpload_S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {41EB1A5B-C29A-47AC-B28A-654DD9754588} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {42B9CC78-B5D6-4587-8196-534B49454008} - System32\Tasks\Trigger KMS Activation => C:\KMSnano Final\TriggerKMS.exe [54784 2013-02-10] () [File not signed]
Task: {43156E03-5FCD-4416-84F8-12CA7F6C9759} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {4361DC2E-D5C8-4400-892F-831A101B1A24} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f45e0707-3310-4006-98d0-0f0f2dbb9d36 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {43DC4658-8D72-4A73-B798-8F4558D7884B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {4669933A-F9EE-4175-B560-75F0897C4408} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939512 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {551019E6-E1B8-4A2A-9686-03AA7D22880A} - System32\Tasks\WD Discovery Service Task iveta => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-11-29] (Western Digital Technologies, Inc. -> )
Task: {5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {5DE81771-97DA-472A-8DF7-141FEC6403D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [667856 2020-10-31] (Mozilla Corporation -> Mozilla Foundation)
Task: {5E0F430B-E8A6-40D0-9A08-CCAAF20079E3} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {6213D423-62A9-4593-9DFE-1499BEE496AA} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {66C03512-B15B-4AB4-92DF-691F9F588F51} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6C6BF952-D309-4CD6-BC20-6C2C37EFAEBF} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [59776 2019-11-12] (Lenovo -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7B1CCD6F-1080-456E-905A-D4D7723BB571} - System32\Tasks\CupblueUpdateTaskMachineUA => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {7D347C14-1456-4C7E-AB13-53AC61C880F1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7F53DAB5-ECBC-4AC6-A46D-30B21FF0D547} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\71a64da2-7887-4731-9650-4b8554bf0dbd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8204FCCD-D668-468D-AA4C-AC654161D2D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {844FB30C-9FAB-480E-80F6-D0F47D6EF0DC} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8800B2C7-D6FA-4467-AB97-A87E0E25BAF6} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {8B53BF56-A87E-4E69-97EB-45297D6C4977} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {90752D23-4494-4B13-B03C-F7D66BC310BE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4222560 2016-10-03] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {92B63E48-2F65-4A9C-AF8D-4F164859C499} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {9D35156C-3DBC-42F0-A311-483A4E00CD7D} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {9da5907f-f37b-4640-8ddb-881a43c9fe96} - no filepath
Task: {9DC7130F-F279-4B04-91BC-645E1EB7083D} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {9F55A2EA-005F-4B7A-AA4D-F07A58B9D858} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security with Backup\Engine\22.20.4.57\SymErr.exe
Task: {A59828F6-B3A5-4F62-9BE9-0DB9C109A85F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {ABEC7406-4233-49E9-A85A-076F0A7CD37F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AFB67115-937F-4473-BDD1-90F4081C1023} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B09A0183-8627-4209-8F91-D59A81543214} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B16D4493-D4BC-42AC-B681-251F389E1010} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html? ... LIBNKJHIKJ"
Task: {B47C4E46-1133-4552-BAAE-E63DFE3AF896} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1146776 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA69755F-8E4F-4A2B-A993-18DED861A758} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BDC865D7-1F68-408D-8BE0-01380142CFF7} - \AdobeAAMUpdater-1.0-Iveta-Rumlerova-Iveta -> No File <==== ATTENTION
Task: {C1E03E35-9879-4363-8CC1-65FDA98A9157} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4b4a5af-bf93-4406-8548-afc50aa009e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C6019B92-B7E9-49C4-9223-64A2471604FC} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D2B41DE8-4B69-402D-A8E5-B51C9945F6D9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D5F5EB11-CAA8-404C-8885-9320688D9345} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D8583876-74B2-48D9-B59F-4B6E2807AEFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D9335A1C-9788-4545-9A3A-118112B149C5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DE21874B-7B4A-4B6F-B6A4-0DAA6F70C257} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E30B9646-1B3F-4582-AAA4-328F4D815466} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {E396BF4A-BF40-49B0-8663-6E5A5677A19A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E5BB7FDE-ACA9-4FDB-81F3-0E48B8364F43} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\SymErr.exe [117192 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E862A9B2-D32D-4119-83EB-0F83CF3B1557} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {ECF42CF1-5CA0-4836-BBF3-151FFB249565} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {EE7BCEAE-FEB7-4F10-9407-C25419ED6820} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {F31C70BB-659C-4D49-A534-1E3750CD9A82} - System32\Tasks\CupblueUpdateTaskMachineCore => C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe
Task: {F320E204-F550-4A83-A789-04EF25859F5E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FAA70618-3AB5-4C6A-BB05-263D1AC2261D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117616 2020-10-30] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\ Update {700DF5E8-67F4-4B85-AC32-AC27A47931C4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR6E.EXE:/EXE:{700DF5E8-67F4-4B85-AC32-AC27A47931C4} /F:UpdateWORKGROUP\IVETA-RUMLEROVA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{1cdf01bc-e833-4f90-ba21-62c47bfafa1d}: [DhcpNameServer] 188.75.188.188 8.8.4.4
Tcpip\..\Interfaces\{6085ce70-8b05-4516-ba0b-8a96c4ff09e3}: [DhcpNameServer] 188.75.188.188 8.8.4.4

Edge:
======
DownloadDir: C:\Users\Iveta\Downloads
Edge Profile: C:\Users\Iveta\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-08]
Edge HomePage: Default -> hxxp://www.attirerpage.com/?type=hp&ts=1466062 ... D_W7716KR9
Edge StartupUrls: Default -> "hxxp://google.com/"

FireFox:
========
FF DefaultProfile: 5cqym3x0.default
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\014vkure.default-release [2020-08-04]
FF ProfilePath: C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default [2020-11-05]
FF Notifications: Mozilla\Firefox\Profiles\5cqym3x0.default -> hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\5cqym3x0.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-07]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\5cqym3x0.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-10-31]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-14] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-920122311-1960361517-2308721413-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [File not signed]

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2020-11-09] <==== ATTENTION
CHR Notifications: ChromeDefaultData -> hxxps://modrokamennabouda.cz; hxxps://www.arttec.cz; hxxps://www.facebook.com
CHR HomePage: ChromeDefaultData -> hxxp://lenovo13-comm.msn.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nuesearch.com/?type=hp&ts=146676335 ... oogle.com/"
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Insert Text) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\abmgjcmmphkhndoahbfanhbgeekconmm [2018-09-10]
CHR Extension: (Norton Password Manager) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\admmjipmmciaobhojoghlmleefbicajg [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Flash Player) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-08]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-11-09]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fdpohaocaechififmbbbbbknoalclacl [2020-09-18]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-10-10]
CHR Extension: (Norton Safe Web) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2020-11-02]
CHR Extension: (Google Analytics URL Builder) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gaidpiakchgkapdgbnoglpnbccdepnpk [2020-06-08]
CHR Extension: (CircleCount.com) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gfehmiknpngmjkhiieampgfppicbncid [2016-09-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-23]
CHR Extension: (Full Page Screenshot) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\glgomjpomoahpeekneidkinhcfjnnhmb [2018-03-15]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-10-05]
CHR Extension: (LinkedIn Sales Navigator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2019-03-21]
CHR Extension: (Projektový management Gantter) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\himomacamcpodhkahelbnmaddladgjgo [2019-09-12]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2016-05-31]
CHR Extension: (Norton Identity Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-02-04]
CHR Extension: (FormApps Extension) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Google Analytics Debugger) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jnkmfdileelhofjcijamephohjechhna [2019-08-02]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-10-19]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2020-11-09]
CHR Extension: (Loom for Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2020-10-23]
CHR Extension: (Norton Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2020-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Colour Extractor) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nndpibfappjacgbninhabcokfkdpnmpe [2016-06-20]
CHR Extension: (Image Color Picker - Pick your color online) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ocamglfcdanjnilooepglpjfmjabcgii [2016-06-20]
CHR Extension: (Collabim) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oinjknlpcckmnnjpodcifmifeghabelo [2016-06-20]
CHR Extension: (Palette Creator) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2019-07-03]
CHR Extension: (Social Analytics) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pgckigmaefoaemjpijdepakcghjkggmg [2016-12-27]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-19]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
CHR HomePage: Default -> hxxp://www.ir-webdesign.com/
CHR Extension: (Překladač Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-06-18]
CHR Extension: (Prezentace) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-18]
CHR Extension: (Kancelář) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahfpbkogcgkoecgolaojpcijkabngljl [2015-05-04]
CHR Extension: (Dokumenty) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-18]
CHR Extension: (Lucidchart Diagrams) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2020-06-18]
CHR Extension: (Disk Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-06-18]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-04-08]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (chrometheme) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcjefhelakcgphlgkfebcahbpdbhdpo [2015-05-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (MozBar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2020-06-18]
CHR Extension: (Tabulky Google) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2020-06-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Gantter for Google Drive) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2015-05-04]
CHR Extension: (Rank Checker) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhleeodcddckbbnpedmkkcpbhffpolb [2015-08-24]
CHR Extension: (Snap It Button) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclagiidcihmjfnlfdboggonemfhcklk [2020-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-06-18]
CHR Extension: (Notifications for Instagram) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2020-06-18]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-08]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd]
CHR HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cupblue\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo -> Lenovo)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-15] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (LENOVO -> Lenovo Group Limited)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 NortonSecurity; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [524632 2018-03-26] (Western Digital Techologies -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\BASHDefs\20201103.005\BHDrvx64.sys [1991536 2020-11-03] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET, spol. s r.o. -> ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-07-29] (Symantec Corporation -> Broadcom)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET, spol. s r.o. -> ESET)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-08-03] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\Definitions\IPSDefs\20201106.061\IDSvia64.sys [1478496 2020-09-17] (Symantec Corporation -> Broadcom)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-28] (Malwarebytes Corporation -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 RCUVCAVS; C:\WINDOWS\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-05] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security with Backup\NortonData\22.11.2.7\SymPlatform\SymEvnt.sys [712368 2020-01-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 18:48 - 2020-11-09 18:49 - 000052117 _____ C:\Users\Iveta\Desktop\FRST.txt
2020-11-09 16:54 - 2020-11-09 16:54 - 008447152 _____ (Malwarebytes) C:\Users\Iveta\Downloads\adwcleaner_8.0.8.exe
2020-11-09 16:48 - 2020-11-09 16:48 - 000000000 ____D C:\Users\Iveta\Desktop\logy
2020-11-09 16:44 - 2020-11-09 16:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-11-09 15:10 - 2020-11-09 18:49 - 000000000 ____D C:\FRST
2020-11-09 14:58 - 2020-11-09 14:58 - 002298368 _____ (Farbar) C:\Users\Iveta\Desktop\FRST64.exe
2020-11-04 12:55 - 2020-11-04 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-11-04 12:55 - 2020-11-04 12:54 - 000069264 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Java
2020-11-04 12:54 - 2020-11-04 12:54 - 000000000 ____D C:\Program Files\Common Files\Oracle
2020-11-04 12:52 - 2020-11-04 12:53 - 167452312 _____ (Oracle Corporation) C:\Users\Iveta\Downloads\jdk-15.0.1_windows-x64_bin.exe
2020-11-04 12:47 - 2020-11-04 12:47 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Oracle
2020-11-03 07:52 - 2020-11-09 07:42 - 000000000 ____D C:\Users\Iveta\AppData\Local\NPE
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10.zip
2020-11-02 11:19 - 2020-11-02 11:19 - 000062062 _____ C:\Users\Iveta\Downloads\hiaddtocartbutton_v1.0.10 (1).zip
2020-10-31 18:03 - 2020-11-05 21:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-10-26 16:56 - 2020-10-26 16:56 - 000000216 _____ C:\Users\Iveta\dm_importspecialprices.crt
2020-10-26 11:33 - 2020-10-26 11:33 - 000000000 ____D C:\Users\Iveta\.gnupg
2020-10-26 09:36 - 2020-10-26 09:36 - 000000000 ____D C:\Users\Iveta\AppData\Local\JetBrains
2020-10-26 09:33 - 2020-10-26 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2020-10-26 09:32 - 2020-10-26 09:32 - 000000763 _____ C:\Users\Public\Desktop\PhpStorm 2020.2.3 x64.lnk
2020-10-26 09:32 - 2020-10-26 09:32 - 000000000 ____D C:\Program Files\JetBrains
2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2020-10-26 09:28 - 2020-10-26 09:29 - 333723200 _____ C:\Users\Iveta\Downloads\PhpStorm-2020.2.3.exe
2020-10-26 09:27 - 2020-10-26 09:27 - 000004096 _____ C:\Users\Iveta\Downloads\E4AXWUU8GJ.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000425313 _____ C:\Users\Iveta\Downloads\wpfreeshipping.zip
2020-10-23 19:02 - 2020-10-23 19:02 - 000021051 _____ C:\Users\Iveta\Downloads\wpheadertext.zip
2020-10-23 18:58 - 2020-10-23 18:58 - 000020495 _____ C:\Users\Iveta\Downloads\wppayinstore.zip
2020-10-23 11:51 - 2020-10-23 11:53 - 000000000 ___RD C:\Users\Iveta\Dropbox
2020-10-23 11:13 - 2020-10-23 11:13 - 000670312 _____ (Dropbox, Inc.) C:\Users\Iveta\Downloads\DropboxInstaller.exe
2020-10-23 09:16 - 2020-10-23 09:16 - 000154596 _____ C:\Users\Iveta\Downloads\PTV_TPS_PSB_CZ.pdf
2020-10-22 23:42 - 2020-10-22 23:42 - 000065496 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2020-10-22 23:42 - 2020-10-22 23:42 - 000036312 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2020-10-19 07:13 - 2020-10-19 07:13 - 000142758 _____ C:\Users\Iveta\Downloads\tax944663.pdf
2020-10-19 07:12 - 2020-10-19 07:12 - 000067437 _____ C:\Users\Iveta\Downloads\inv2368373.pdf
2020-10-16 14:08 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-10-16 14:08 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-10-13 22:29 - 2020-10-13 22:29 - 011630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-10-13 22:29 - 2020-10-13 22:29 - 009728512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 005507072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 004310016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-10-13 22:28 - 2020-10-13 22:28 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000800576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2020-10-13 22:28 - 2020-10-13 22:28 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2020-10-13 22:28 - 2020-10-13 22:28 - 000093112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2020-10-13 22:27 - 2020-10-13 22:27 - 032928928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 031599448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 025445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 018035200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 006307840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 005008896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004547072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004348928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003525600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003507200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002950264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002495248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002315984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002230224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002227512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-10-13 22:27 - 2020-10-13 22:27 - 002133312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001789752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001783984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001298752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 001218048 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001139200 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000776704 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000513848 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-10-13 22:27 - 2020-10-13 22:27 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\provmigrate.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logman.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\relog.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\typeperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpupdate.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskperf.exe
2020-10-13 22:27 - 2020-10-13 22:27 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskperf.exe
2020-10-13 22:26 - 2020-10-13 22:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 022646784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 007289344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 006525952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 005768256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 004608512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002585024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 002262784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001958072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001672552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001665728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001617088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001564984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001477120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001436032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm60.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001397568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001335608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001327616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001182744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 001077056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000833344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000784000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000741696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000693128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000682736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000599864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000593416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmdial32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000488568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000474432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000468944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000422000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000285560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000284504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-10-13 22:26 - 2020-10-13 22:26 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000188224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvEmulation.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000117208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000111536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000093512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-10-13 22:26 - 2020-10-13 22:26 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptext.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000051632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupdate.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000021312 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-10-13 22:26 - 2020-10-13 22:26 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-10-13 22:26 - 2020-10-13 22:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-10-13 22:25 - 2020-10-13 22:25 - 014818304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 009924928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 007604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 003748352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002986288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002777184 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002775688 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002696512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 002491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 002092328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001916752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001845912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001653800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001154440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001053120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 001004872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000933288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000907072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000890432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-13 22:25 - 2020-10-13 22:25 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000835672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000628032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmdial32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000551624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000546968 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-10-13 22:25 - 2020-10-13 22:25 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000437568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000362296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000204104 _____ (Microsoft Corporation) C:\WINDOWS\system32\unattend.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000188208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000165840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MuiUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\djoin.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptext.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000068416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PnPUnattend.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000035840 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscacheugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-10-13 22:25 - 2020-10-13 22:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\netbtugc.exe
2020-10-13 22:25 - 2020-10-13 22:25 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EsdSip.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-10-13 22:25 - 2020-10-13 22:25 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-10-13 22:24 - 2020-10-13 22:25 - 000797456 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 007271752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 006437376 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 004050944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003581248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 003545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003371168 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003327776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 003232064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 002556224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002485248 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002455928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002260832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002074624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 002007360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001947688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001833272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001618704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001614848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001512840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001366136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-10-13 22:24 - 2020-10-13 22:24 - 001259720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 001083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 001024656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000916760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000893624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000874304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000852280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000782656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000761672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000639392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000636856 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000604992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000598336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000586048 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000519496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2020-10-13 22:24 - 2020-10-13 22:24 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000389440 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000363112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000353752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000343416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000234992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000205632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000192176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000180544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000160064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000141520 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000102720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000067656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000058888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2020-10-13 22:24 - 2020-10-13 22:24 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-10-13 22:24 - 2020-10-13 22:24 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-10-13 22:24 - 2020-10-13 22:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 017790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003725824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002296832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 002125392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001150264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 001092608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001086784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 001026800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 001008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000875400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000805184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000722080 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000589392 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000437056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000381656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000222528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000183616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000174400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000089928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000088360 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000076952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000056640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-10-13 22:23 - 2020-10-13 22:23 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-10-13 22:23 - 2020-10-13 22:23 - 000030016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000016704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-10-13 22:23 - 2020-10-13 22:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-10-13 21:24 - 2020-10-13 21:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-10-13 21:24 - 2020-10-13 21:25 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-09 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-09 18:49 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW pracovní
2020-11-09 18:38 - 2019-08-02 09:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-09 18:16 - 2019-10-05 19:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-11-09 18:13 - 2020-08-03 12:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2020-11-09 18:11 - 2019-08-02 10:08 - 001846928 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-09 18:11 - 2019-03-19 12:55 - 000776806 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-09 18:11 - 2019-03-19 12:55 - 000168354 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-09 18:11 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-09 18:04 - 2019-08-02 10:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-09 18:04 - 2016-10-12 03:20 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-09 18:04 - 2015-05-04 07:42 - 000000000 __SHD C:\Users\Iveta\IntelGraphicsProfiles
2020-11-09 18:03 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-11-09 17:56 - 2016-06-28 13:02 - 000000000 ____D C:\AdwCleaner
2020-11-09 16:41 - 2020-10-06 07:16 - 000000000 ____D C:\Users\Iveta\Documents\Soubory aplikace Outlook
2020-11-09 14:50 - 2019-03-19 05:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-08 14:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-06 15:16 - 2020-07-13 14:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-06 15:16 - 2020-07-13 14:03 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-05 21:11 - 2015-05-04 18:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-05 20:29 - 2015-05-09 11:34 - 000000000 ____D C:\Users\Iveta\Documents\WWW zálohy
2020-11-05 17:38 - 2015-05-04 16:54 - 000000000 ____D C:\Users\Iveta\Documents\Pracovní
2020-11-05 16:35 - 2016-12-08 22:55 - 000000000 ____D C:\Users\Iveta\AppData\LocalLow\Mozilla
2020-11-05 16:32 - 2020-08-04 09:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-05 16:32 - 2015-08-28 08:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-11-05 13:04 - 2016-03-18 11:58 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-11-05 10:35 - 2015-05-04 19:23 - 000000000 ____D C:\Users\Iveta\AppData\Local\CrashDumps
2020-11-05 07:46 - 2015-05-06 09:23 - 000000000 ____D C:\Program Files (x86)\Java
2020-11-04 12:42 - 2016-04-02 06:25 - 000000000 ____D C:\Program Files (x86)\seoadministrator
2020-11-04 12:42 - 2015-05-05 19:51 - 000000000 ____D C:\Program Files (x86)\Screen Courier
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\WD Discovery
2020-11-04 12:35 - 2019-01-04 17:32 - 000000000 ____D C:\Users\Iveta\.wdc
2020-11-04 09:15 - 2019-01-04 17:32 - 000000000 ____D C:\Program Files\WD Desktop App
2020-11-04 08:19 - 2019-08-02 09:57 - 000000000 ____D C:\Users\Iveta
2020-11-04 08:10 - 2016-10-14 05:50 - 000000000 ____D C:\ProgramData\Norton
2020-11-03 23:34 - 2015-05-04 19:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-03 15:57 - 2015-05-04 17:27 - 000000000 ____D C:\Users\Iveta\Documents\Smazat
2020-11-03 07:26 - 2015-05-04 16:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-03 07:26 - 2015-05-04 16:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-02 14:16 - 2019-04-05 17:44 - 001867252 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2020-11-02 09:36 - 2020-03-27 15:17 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\npm-cache
2020-11-02 08:28 - 2020-07-13 14:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-02 08:28 - 2020-07-13 14:03 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-30 22:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-10-30 19:47 - 2015-05-04 12:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-30 09:39 - 2017-12-17 10:14 - 000000000 ____D C:\Users\Iveta\AppData\Local\Packages
2020-10-30 07:27 - 2019-08-02 10:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-920122311-1960361517-2308721413-1001
2020-10-30 07:27 - 2019-08-02 09:57 - 000002361 _____ C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-30 07:27 - 2015-09-15 19:16 - 000000000 ___RD C:\Users\Iveta\OneDrive
2020-10-27 13:43 - 2018-02-24 12:26 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-10-27 13:43 - 2018-02-24 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-10-26 14:22 - 2015-05-04 16:55 - 000000000 ____D C:\Users\Iveta\Documents\Osobní
2020-10-26 09:44 - 2015-05-04 17:03 - 000000000 ____D C:\Users\Iveta\AppData\Roaming\JetBrains
2020-10-26 09:00 - 2015-05-04 16:36 - 000000000 ____D C:\Users\Iveta\Documents\WWW
2020-10-19 20:43 - 2019-08-02 11:21 - 000045775 ____H C:\Users\Iveta\AppData\Local\IconCache.db.backup
2020-10-17 09:40 - 2015-05-05 18:39 - 000001480 _____ C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-10-16 14:09 - 2016-10-29 22:54 - 000000000 ___RD C:\Users\Iveta\3D Objects
2020-10-16 14:09 - 2015-06-17 11:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-10-16 14:09 - 2015-05-04 05:29 - 000000402 ___SH C:\Users\Iveta\Documents\desktop (New).ini
2020-10-16 14:09 - 2015-05-04 05:29 - 000000282 ___RH C:\Users\Iveta\Desktop\desktop (New).ini
2020-10-16 14:07 - 2019-08-02 09:47 - 005370168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-10-16 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-10-16 13:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-10-16 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-10-14 23:12 - 2019-08-02 10:06 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-14 23:12 - 2019-08-02 10:06 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 22:46 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-10-26 09:30 - 2015-05-04 16:57 - 000092550 _____ () C:\ProgramData\PhpStorm2020.2_202.7660.42_Uninstall.exe
2015-08-24 09:17 - 2015-08-24 10:06 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2015-09-09 13:50 - 2019-07-23 20:08 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-01-20 11:49 - 2020-05-07 15:41 - 000000033 _____ () C:\Users\Iveta\AppData\Roaming\AdobeWLCMCache.dat
2015-08-03 08:36 - 2018-01-12 21:21 - 000000132 _____ () C:\Users\Iveta\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2015-10-05 20:47 - 2020-10-05 20:10 - 000000128 _____ () C:\Users\Iveta\AppData\Roaming\winscp.rnd
2017-05-08 16:35 - 2017-05-08 16:35 - 000000038 ___SH () C:\Users\Iveta\AppData\Local\3132457594e445968615d80.28999810
2015-05-05 18:39 - 2020-10-17 09:40 - 000001480 _____ () C:\Users\Iveta\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-05-04 20:40 - 2017-02-02 09:44 - 000000058 _____ () C:\Users\Iveta\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2018-09-28 07:45 - 2018-09-28 07:45 - 000000000 _____ () C:\Users\Iveta\AppData\Local\oobelibMkey.log
2017-11-09 14:41 - 2017-11-09 14:41 - 000000768 _____ () C:\Users\Iveta\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 20:06
od Rudy
No, to je špatné. Addition log bych také pořeboval. Zatím tedy:

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir14400_1215716017\old_msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge: (the data entry has 138 more characters). <==== ATTENTION
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\MountPoints2: {22986a71-0f7b-11e9-bf30-b888e3de6c61} - "E:\WD Drive Unlock.exe" autoplay=true
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Task: {03D3A8E8-B8E4-426D-AF0C-7247011CEADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {08525A1C-9DA5-4DDB-A449-08F8A713D8E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {14A94EC1-FC51-4C29-8BCB-A639C35C869C} - \Optimize Start Menu Cache Files-S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {26D35485-0B85-4CEB-841A-717C15C52980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {40335F53-DAC0-42E3-8C61-F08C76150D44} - \WPD\SqmUpload_S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {42B9CC78-B5D6-4587-8196-534B49454008} - System32\Tasks\Trigger KMS Activation => C:\KMSnano Final\TriggerKMS.exe [54784 2013-02-10] () [File not signed]
C:\KMSnano Final
Task: {5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {66C03512-B15B-4AB4-92DF-691F9F588F51} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7D347C14-1456-4C7E-AB13-53AC61C880F1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8204FCCD-D668-468D-AA4C-AC654161D2D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {92B63E48-2F65-4A9C-AF8D-4F164859C499} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {ABEC7406-4233-49E9-A85A-076F0A7CD37F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B09A0183-8627-4209-8F91-D59A81543214} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BDC865D7-1F68-408D-8BE0-01380142CFF7} - \AdobeAAMUpdater-1.0-Iveta-Rumlerova-Iveta -> No File <==== ATTENTION
Task: {C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D2B41DE8-4B69-402D-A8E5-B51C9945F6D9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D8583876-74B2-48D9-B59F-4B6E2807AEFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F320E204-F550-4A83-A789-04EF25859F5E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Edge HomePage: Default -> hxxp://www.attirerpage.com/?type=hp&ts=1466062 ... D_W7716KR9
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2020-11-09] <==== ATTENTION
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nuesearch.com/?type=hp&ts=146676335 ... oogle.com/"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cupblue\Application\chrome.exe <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Iveta\AppData\Local\3132457594e445968615d80.28999810

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 21:07
od Ivetaru
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-11-2020
Ran by Iveta (09-11-2020 20:21:26) Run:1
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir14400_1215716017\old_msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge: (the data entry has 138 more characters). <==== ATTENTION
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\MountPoints2: {22986a71-0f7b-11e9-bf30-b888e3de6c61} - "E:\WD Drive Unlock.exe" autoplay=true
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Task: {03D3A8E8-B8E4-426D-AF0C-7247011CEADE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {08525A1C-9DA5-4DDB-A449-08F8A713D8E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {14A94EC1-FC51-4C29-8BCB-A639C35C869C} - \Optimize Start Menu Cache Files-S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {26D35485-0B85-4CEB-841A-717C15C52980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {40335F53-DAC0-42E3-8C61-F08C76150D44} - \WPD\SqmUpload_S-1-5-21-920122311-1960361517-2308721413-1001 -> No File <==== ATTENTION
Task: {42B9CC78-B5D6-4587-8196-534B49454008} - System32\Tasks\Trigger KMS Activation => C:\KMSnano Final\TriggerKMS.exe [54784 2013-02-10] () [File not signed]
C:\KMSnano Final
Task: {5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {66C03512-B15B-4AB4-92DF-691F9F588F51} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7D347C14-1456-4C7E-AB13-53AC61C880F1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8204FCCD-D668-468D-AA4C-AC654161D2D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {92B63E48-2F65-4A9C-AF8D-4F164859C499} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-04] (Google Inc -> Google Inc.)
Task: {ABEC7406-4233-49E9-A85A-076F0A7CD37F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B09A0183-8627-4209-8F91-D59A81543214} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BDC865D7-1F68-408D-8BE0-01380142CFF7} - \AdobeAAMUpdater-1.0-Iveta-Rumlerova-Iveta -> No File <==== ATTENTION
Task: {C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D2B41DE8-4B69-402D-A8E5-B51C9945F6D9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D8583876-74B2-48D9-B59F-4B6E2807AEFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F320E204-F550-4A83-A789-04EF25859F5E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Edge HomePage: Default -> hxxp://www.attirerpage.com/?type=hp&ts=1466062 ... D_W7716KR9
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2020-11-09] <==== ATTENTION
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nuesearch.com/?type=hp&ts=146676335 ... oogle.com/"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cupblue\Application\chrome.exe <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Iveta\AppData\Local\3132457594e445968615d80.28999810

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-920122311-1960361517-2308721413-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #4" => removed successfully
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{22986a71-0f7b-11e9-bf30-b888e3de6c61} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03D3A8E8-B8E4-426D-AF0C-7247011CEADE} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03D3A8E8-B8E4-426D-AF0C-7247011CEADE} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08525A1C-9DA5-4DDB-A449-08F8A713D8E4} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08525A1C-9DA5-4DDB-A449-08F8A713D8E4} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14A94EC1-FC51-4C29-8BCB-A639C35C869C} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14A94EC1-FC51-4C29-8BCB-A639C35C869C} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-920122311-1960361517-2308721413-1001 => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26D35485-0B85-4CEB-841A-717C15C52980} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26D35485-0B85-4CEB-841A-717C15C52980} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40335F53-DAC0-42E3-8C61-F08C76150D44} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40335F53-DAC0-42E3-8C61-F08C76150D44} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-920122311-1960361517-2308721413-1001 => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42B9CC78-B5D6-4587-8196-534B49454008} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42B9CC78-B5D6-4587-8196-534B49454008} => removed successfully
C:\WINDOWS\System32\Tasks\Trigger KMS Activation => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation => removed successfully
C:\KMSnano Final => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D4D5AA5-8470-43B7-A4AE-21370D58E3FE} => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66C03512-B15B-4AB4-92DF-691F9F588F51} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66C03512-B15B-4AB4-92DF-691F9F588F51} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D347C14-1456-4C7E-AB13-53AC61C880F1} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D347C14-1456-4C7E-AB13-53AC61C880F1} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8204FCCD-D668-468D-AA4C-AC654161D2D2} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8204FCCD-D668-468D-AA4C-AC654161D2D2} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92B63E48-2F65-4A9C-AF8D-4F164859C499} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92B63E48-2F65-4A9C-AF8D-4F164859C499} => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ABEC7406-4233-49E9-A85A-076F0A7CD37F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABEC7406-4233-49E9-A85A-076F0A7CD37F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B09A0183-8627-4209-8F91-D59A81543214} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B09A0183-8627-4209-8F91-D59A81543214} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDC865D7-1F68-408D-8BE0-01380142CFF7} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDC865D7-1F68-408D-8BE0-01380142CFF7} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Iveta-Rumlerova-Iveta => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7AFF3F3-A573-4F9A-9F92-48268AE6A8CE} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2B41DE8-4B69-402D-A8E5-B51C9945F6D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2B41DE8-4B69-402D-A8E5-B51C9945F6D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8583876-74B2-48D9-B59F-4B6E2807AEFA} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8583876-74B2-48D9-B59F-4B6E2807AEFA} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F320E204-F550-4A83-A789-04EF25859F5E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F320E204-F550-4A83-A789-04EF25859F5E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => removed successfully
"Edge HomePage" => removed successfully
C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
"Chrome StartupUrls" => not found
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Iveta\AppData\Local\3132457594e445968615d80.28999810 => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 367020587 B
Java, Flash, Steam htmlcache => 4825 B
Windows/system/drivers => 1649757 B
Edge => 2601323 B
Chrome => 36935170 B
Firefox => 1541785309 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 9673 B
Users => 9673 B
ProgramData => 9673 B
Public => 9673 B
systemprofile => 9673 B
systemprofile32 => 9673 B
LocalService => 410781 B
NetworkService => 410781 B
Iveta => 157674096 B

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 21:08
od Ivetaru
program mi neodpovídá, ale log se vytvořil, tak jsem ho v předchozí zprávě zkopírovala

Re: Samovolné zpětování v programech i prohlížečí

Napsal: 09 lis 2020 21:10
od Ivetaru
dodatečně ten addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-11-2020
Ran by Iveta (09-11-2020 18:50:32)
Running from C:\Users\Iveta\Desktop
Windows 10 Home Version 1903 18362.1139 (X64) (2019-08-02 10:07:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-920122311-1960361517-2308721413-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-920122311-1960361517-2308721413-503 - Limited - Disabled)
Guest (S-1-5-21-920122311-1960361517-2308721413-501 - Limited - Disabled)
Iveta (S-1-5-21-920122311-1960361517-2308721413-1001 - Administrator - Enabled) => C:\Users\Iveta
WDAGUtilityAccount (S-1-5-21-920122311-1960361517-2308721413-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_1_2) (Version: 24.1.2 - Adobe Inc.)
Adobe InDesign 2020 (HKLM-x32\...\IDSN_15_0_2) (Version: 15.0.2 - Adobe Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1839, 30.09.2016 - AIMP DevTeam)
Aktualizace NVIDIA 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Backup and Sync from Google (HKLM\...\{86E7EC52-41D9-4573-951C-FB7AC339A251}) (Version: 3.52.3372.2621 - Google, Inc.)
Barvy 4.1 (HKLM\...\Barvy_is1) (Version: - Vlastimil Burian)
calibre 64bit (HKLM\...\{53CF63D2-ADC7-4D61-8076-113B313EE85A}) (Version: 3.33.1 - Kovid Goyal)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.0.3818 - Lenovo)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation)
EPSON L7160 Series Printer Uninstall (HKLM\...\EPSON L7160 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{7565F1C6-8DDF-4057-9152-2281A66F4BD3}) (Version: 3.4.1 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Excel Split Files Into Multiple Smaller Files Software (HKLM-x32\...\Excel Split Files Into Multiple Smaller Files Software_is1) (Version: - Sobolsoft)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
FreeLanguageTranslator 3.9 (HKLM-x32\...\{1AF6ABD0-D230-4222-BBD4-044754170530}) (Version: 3.9 - Decebal Mihailescu)
Git version 2.26.0 (HKLM\...\Git_is1) (Version: 2.26.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.183 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Inkscape 0.92.2 (HKLM-x32\...\Inkscape) (Version: 0.92.2 - Inkscape Project)
Integrated Camera Driver Installer Package Ver.1.0.0.26 (HKLM-x32\...\{F8754583-7893-4CD8-9E51-1A08F3D4C1A9}) (Version: 1.0.0.26 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3190 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java(TM) SE Development Kit 15.0.1 (64-bit) (HKLM\...\{E6A95593-92FB-518A-B2D5-5E9EE8CBEA82}) (Version: 15.0.1.0 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.85.03 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo) Hidden
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0110 - Lenovo)
Media Go (HKLM-x32\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.102.05220 (HKLM-x32\...\{1EBB91B3-B277-3438-6125-C1C0281E02C7}) (Version: 2.20.102.05220 - Sony)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.13328.20292 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 76.0.1 (x64 cs)) (Version: 76.0.1 - Mozilla)
Mozilla Firefox 82.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 82.0.2 (x64 cs)) (Version: 82.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.2 - Mozilla)
Mozilla Thunderbird 68.12.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 cs)) (Version: 68.12.1 - Mozilla)
Node.js (HKLM\...\{5423D4CA-7953-4205-A13A-87E577B4B9EA}) (Version: 12.16.1 - Node.js Foundation)
Norton 360 (HKLM-x32\...\NGC) (Version: 22.20.5.39 - Symantec Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13328.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20292 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13328.20278 - Microsoft Corporation) Hidden
OmmWriter (HKLM-x32\...\{61356085-6C51-4DC9-99E6-33ED72304690}) (Version: 0.1.0.8 - Herraiz & Soto)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhpStorm 2020.2.3 (HKLM-x32\...\PhpStorm 2020.2.3) (Version: 202.7660.42 - JetBrains s.r.o.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pokročilá kalkulačka 1.1 (HKLM-x32\...\Pokročilá kalkulačka_is1) (Version: - Island software)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29048 - Realtek Semiconductor Corp.)
Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)
Remove Accents From Characters Software (HKLM-x32\...\Remove Accents From Characters Software_is1) (Version: - Sobolsoft)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Screenshot Captor 3.08.01 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Sigil 0.9.9 (HKLM\...\Sigil_is1) (Version: - Sigil-Ebook)
SimpleDiagrams4 (HKLM-x32\...\{7232CC9A-D030-46DD-B804-780B940934DA}) (Version: 4.0.16 - McQuillen Interactive)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
Snagit 2018 (HKLM\...\{F39A0C19-554A-4F64-8031-CB4C1E8A7A71}) (Version: 18.2.5 - TechSmith Corporation)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Lite (HKLM-x32\...\{8527D8BC-5D64-4CC6-8028-C84E88B1C820}) (Version: 12300.166 - STORMWARE)
Sweet Home 3D version 5.5 (HKLM\...\Sweet Home 3D_is1) (Version: 5.5 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TickTick version 2.4.5.1 (HKLM-x32\...\{1A434D02-8C9A-41A2-9BBE-C97A1E31ABC1}_is1) (Version: 2.4.5.1 - Appest.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TurboFloorPlan 3D Home & Landscape Pro 2017 (HKLM-x32\...\{1108A041-6B85-4BD2-B6F7-8E2A8A365039}) (Version: 19.0.5 - IMSI Design, LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WD Backup (HKLM-x32\...\{50C6CAE8-562E-440D-8616-E0514D41CC10}) (Version: 1.9.6941.25593 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{6531bf4b-4bad-46a5-9562-766d0a858003}) (Version: 1.9.6941.25593 - Western Digital Technologies, Inc.)
WD Desktop App 2.1.0.246 (HKLM-x32\...\{efa29edd-d423-4291-b1d0-71428a78579f}) (Version: 2.1.0.246 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.246 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.246 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.6.163 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{490aca2d-0bcf-4d7d-bfb8-c6785e2ba5f3}) (Version: 2.0.0.48 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{CC0FD183-6E59-4D9C-87A9-5055814C3E90}) (Version: 2.0.0.48 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{1E284B5F-9016-45D7-AC70-6FB2020460CD}) (Version: 2.0.0.48 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{35e89ba7-f286-4bf0-948b-ac170318643d}) (Version: 2.0.0.48 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinSCP 5.17.7 (HKLM-x32\...\winscp3_is1) (Version: 5.17.7 - Martin Prikryl)
WinZip (HKLM-x32\...\WinZip) (Version: 2.2.34 - )
XAMPP (HKLM\...\xampp) (Version: 7.1.33-1 - Bitnami)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-10-07] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-05-07] (Adobe Systems Incorporated)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-09-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-01-25] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-01-25] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-01-25] (Microsoft Corporation) [MS Ad]
Pinterest -> C:\Program Files\WindowsApps\1424566A.147190DF3DE79_1.0.20.0_neutral__5byw4zywtsh80 [2020-04-14] (Pinterest Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
Wunderlist: To-Do List & Tasks -> C:\Program Files\WindowsApps\6Wunderkinder.Wunderlist_3.6.43.0_x64__b4cwydgxqx59r [2020-05-01] (6 Wunderkinder GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-920122311-1960361517-2308721413-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DB979C520147} -> [Creative Cloud Files] => C:\Users\Iveta\Creative Cloud Files [2020-05-07 12:56]
CustomCLSID: HKU\S-1-5-21-920122311-1960361517-2308721413-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Iveta\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-920122311-1960361517-2308721413-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-920122311-1960361517-2308721413-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Iveta\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-920122311-1960361517-2308721413-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {593DB3E3-B721-4AA2-BDFD-0085EB0119B8} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {593DB3E3-B721-4AA2-BDFD-0085EB0119B8} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellExecuteHooks: No Name - {7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F} - -> No File
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-10-14] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-10-02] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-10-14] (Google LLC -> Google)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagitShellExt64.dll [2020-01-10] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {47625ad9-51e4-3519-92d0-07ecd5b8f771} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-10-02] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-10-14] (Google LLC -> Google)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagitShellExt64.dll [2020-01-10] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers4: [WDDesktopContextMenu] -> {47625ad9-51e4-3519-92d0-07ecd5b8f771} => C:\Program Files\WD Desktop App\kda.DLL [2019-07-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\buShell.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\NavShExt.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Iveta\Desktop\Iveta - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="ChromeDefaultData"
ShortcutWithArgument: C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=ChromeDefaultData

==================== Loaded Modules (Whitelisted) =============

2017-11-02 14:36 - 2017-11-02 14:36 - 001897984 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\cairo.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000800256 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\fontconfig.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 001037312 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\harfbuzz-vs14.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000061440 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\iconv.dll
2016-07-14 09:23 - 2016-07-14 09:23 - 000778240 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\libhpdf.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000252928 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\libpng16.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 001335808 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\libxml2.dll
2017-10-18 07:43 - 2017-10-18 07:43 - 010857984 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\opencv_core300.dll
2016-03-04 14:10 - 2016-03-04 14:10 - 010860544 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\opencv_core310.dll
2017-10-18 07:43 - 2017-10-18 07:43 - 025250304 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\opencv_imgproc300.dll
2016-03-04 14:10 - 2016-03-04 14:10 - 025254912 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\opencv_imgproc310.dll
2016-03-04 14:10 - 2016-03-04 14:10 - 000969216 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\opencv_photo310.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000086016 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2018\zlib1.dll
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2016-10-02 19:32 - 2016-10-02 19:32 - 002059848 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP\System\aimp_menu64.dll
2015-05-05 09:25 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000092672 _____ (Free Software Foundation) [File not signed] C:\Program Files\TechSmith\Snagit 2018\intl.dll
2016-01-08 12:28 - 2016-01-08 12:28 - 000356352 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files\TechSmith\Snagit 2018\libhunspell.dll
2016-03-17 07:12 - 2015-12-31 15:15 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-02-10 06:50 - 2016-01-12 12:41 - 001186352 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000288768 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2018\pango-1.0.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000588800 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2018\pangocairo-1.0.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000615424 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2018\pangoft2-1.0.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000066048 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2018\pangowin32-1.0.dll
2020-09-13 06:45 - 2020-05-30 18:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2020-06-19 14:13 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 001328128 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2018\glib-2.0.dll
2017-11-02 14:36 - 2017-11-02 14:36 - 000276480 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2018\gobject-2.0.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:008D5C95 [390]
AlternateDataStreams: C:\Users\Iveta\Desktop:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\7zFM.exe.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\desktop (New).ini:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\download.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\FreeTranslator.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\HandBrake.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\home.mmw:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\HTTrack Website Copier.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\IrfanView Thumbnails.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\IrfanView.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Iveta - Chrome.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Microsoft Teams.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Norton Installation Files.lnk:com.dropbox.attrs [13]
AlternateDataStreams: C:\Users\Iveta\Desktop\OmmWriter.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\pravitko.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\projekty_data.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\PSPad.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Přehled nabídek.xlsx.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Původní data aplikace Firefox:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Reduce PDF Size.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Screenshot Captor.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\SEO Tipy.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Sweet Home 3D.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Total Commander 64 bit.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Wunderlist.lnk:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131208116788260735&GUID=A82E2E79-942E-4587-8F8B-D5AD309C9676
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {1DDC1C11-AC31-4AD6-822A-27124440FD04} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {265A7EEA-C72A-442B-B6BC-FAD2128B78EB} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {2DB1833C-0AC6-4F96-A1BC-3DD275AB7E37} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {3FE5C8B9-504E-4F8C-9D8F-6ECC75716FAE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {768E0185-C214-4154-8848-A26FDAE9F5BE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {8D224EEF-3582-418A-B6E1-7FBA984D2CAF} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {91BF827A-DF49-4D98-BC4F-192ED3BB710E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {B6F0A386-51A9-46C1-8C2E-3F34874F8B10} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-920122311-1960361517-2308721413-1001 -> {DCD22F8F-3CC7-4D81-8250-89C71F442A13} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' -> No File
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' -> No File
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security with Backup\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security with Backup\Engine\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security with Backup\Engine32\22.20.5.39\coIEPlg.dll [2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\sharepoint.com -> hxxps://irwebdesign-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-10-26 13:45 - 000002471 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-2.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\xampp\php;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\;C:\dev\php56;C:\composer;C:\Program Files\nodejs\;C:\Program Files\Git\cmd;C:\Program Files\Git\mingw64\bin;C:\Program Files\Git\usr\bin
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Iveta\Pictures\fotografie 2014\2014-12-28-Turin\100K7590\100_7616.jpg
DNS Servers: 188.75.188.188 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "LenovoOptMouseUpdate"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\StartupFolder: => "TickTick.lnk"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "Screenshot Captor"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DB649C07-A854-4E42-92B5-1925586663D1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D8BC940D-E93A-44BF-9DD6-4CB12147A73C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{049BFFF1-BEF8-4F57-A5DD-44F4FE974E6A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F8B5168-76EF-4303-BA9A-0C486A9C445D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{133D1DCB-6122-452D-9AC1-6396BA556E34}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{0B1D4B1B-54FD-4D62-8505-9196EAA5301A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [{A506CEB4-A801-40EE-ACFA-00E14B962C24}] => (Allow) LPort=8298
FirewallRules: [{16C6DAE8-3A1C-4552-940E-C81A7C0CF098}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B10FBB6-0E1A-436F-B891-2016383685A6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25C463FE-451F-4459-A5C5-5AC682E6F27F}] => (Allow) C:\ProgramData\Cupblue\Cupblue.exe => No File
FirewallRules: [{C2515308-4815-489D-827A-46DA8E6E8537}] => (Allow) C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe => No File
FirewallRules: [{6739D12C-A6AE-464F-B94B-15851881099F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{77F8CC78-71CD-4F8A-8526-852E4CD99C95}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{9DE14A4C-CADC-43FD-8A86-3FB7AD55FAAB}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{A07B5737-CF28-4D12-A68C-6F365AD7ACFD}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{2C3F2F65-C5E9-41E8-A45B-22BD35D25E0F}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{EDD40949-0191-400C-88DC-7DD32FE78DE6}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [UDP Query User{887EAD76-EDCE-4FF4-BD74-6360C9DB432D}C:\totalcmd\totalcmd64.exe] => (Block) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{78FB58CC-6932-4EB1-9803-31067F6BD8F2}C:\totalcmd\totalcmd64.exe] => (Block) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{D57B8385-63B4-4E41-B122-07E3B8C80F51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BBCACF44-DEDD-406C-8A05-4D57EDCD6F64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2E9C9389-8F00-4658-9C1F-A04A6978113A}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe => No File
FirewallRules: [UDP Query User{4B811B7D-858F-4536-A6DA-FC5176A000F4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{BBBC6034-A3EA-4E31-9F12-EA11C27FAFBB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{EF896FD6-DC08-4437-AC5E-5ADCFB9D8A14}C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{632B9DAA-FE01-47AA-BA74-108F8E6D9795}C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{B4F3C480-3187-4BC9-8FA1-3234CE7926E4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{3A8F0F87-C621-4220-8BD3-84E6C0D55FB7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{205A2EAE-2CBD-4E9E-9FE5-E5C38475C726}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7E2EA515-C8AF-4D09-9440-BD09E34AC452}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{23FBC342-B64D-4BC9-9A73-653352C657ED}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{81B7921E-1123-4D4D-97AC-E3953CBAD94D}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{70FC2F83-74BD-4BB3-9B7D-942897A11146}C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{C1AEF64D-40EF-44EE-B704-F1551B024EF9}C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 8.0.1\bin\phpstorm.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{356ABACE-1402-4DDA-AC13-0066626BFF67}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{65B1D323-FFD2-4754-8AD7-8A0A31ABE758}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{E20A1333-AC0C-4D10-ADCF-95BA2FEF6143}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D615EF6-D669-4DB6-9368-502A24C421FE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D35D8657-A809-414A-B4FB-49D40EE8F02E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{FE47054F-9688-4BB9-9B35-1F2746FF5778}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{CD19F428-A779-45A9-887B-61A12A118228}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{57DD3DC6-73F2-4D11-8012-9C41FC52A9BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E542FE1F-96A4-4428-991A-EA4C030D4669}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F63EE54F-8B9B-4D58-B3D7-B456E02B1F2D}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{D2D0EFCE-407C-428E-8FF1-2CF4F4F66810}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{B4534127-FDEE-4281-855A-040889B3DC6E}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{17C6EC45-5F73-49FA-9EAC-033EC394ABCA}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{82677D6D-1AD7-449B-9249-42F4FF8F5E43}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{5EB5B7CB-B345-4225-9A22-99E9F5BAD92D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{94E5385C-A4F3-46E2-894D-1D30D07C7791}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{FFFF27CD-1EB7-4EFE-B450-D0079E534135}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{796BB51D-A17D-475D-97E5-85CA4E6511AF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{2E49BB2A-2982-486B-9C11-29C238F278E1}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{E9DB779A-CEB1-4A31-9303-6DADF348F641}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87A65D08-752A-43FF-B56B-829D8265B15F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22F337D4-52D2-432A-89E5-614ED0895EC9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D446C786-9090-47C5-ADDD-FDFEBE0FA2CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB74700E-6B9D-40D6-AF5D-715D7987161F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

04-11-2020 08:17:11 Norton_Power_Eraser_20201104081646231

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/09/2020 06:48:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 6.11.2020.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2db0

Čas spuštění: 01d6b6bae982d693

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Iveta\Desktop\FRST64.exe

ID hlášení: 3f9463ef-f9ef-405b-8f45-666684faecb3

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (11/09/2020 06:25:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5224,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/09/2020 04:56:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 6.11.2020.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 16a4

Čas spuštění: 01d6b6a21d4a0124

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Iveta\Desktop\FRST64.exe

ID hlášení: 20fee78f-f955-4297-a6e6-9abbb78a6631

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (11/09/2020 04:37:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/09/2020 04:01:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13216,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/09/2020 03:07:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13052,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/09/2020 02:58:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/09/2020 02:44:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (11/09/2020 06:34:32 PM) (Source: DCOM) (EventID: 10010) (User: Iveta-Rumlerova)
Description: Server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/09/2020 06:09:33 PM) (Source: DCOM) (EventID: 10010) (User: Iveta-Rumlerova)
Description: Server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/09/2020 06:07:31 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/09/2020 06:05:04 PM) (Source: DCOM) (EventID: 10010) (User: Iveta-Rumlerova)
Description: Server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/09/2020 06:04:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/09/2020 05:56:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WD Drive Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/09/2020 05:56:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/09/2020 05:56:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2020-11-09 18:13:07.457
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-09 18:13:07.445
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-09 18:13:07.432
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-09 18:13:07.419
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-09 18:13:07.406
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-09 18:13:07.391
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-09 18:13:07.377
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-09 18:13:07.357
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security with Backup\Engine\22.20.5.39\symamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO H0ET70WW (2.04 ) 09/11/2012
Motherboard: LENOVO 3259MCG
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 62%
Total physical RAM: 8037.91 MB
Available physical RAM: 3050.02 MB
Total Virtual: 9701.91 MB
Available Virtual: 5121.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:929.74 GB) (Free:435.75 GB) NTFS

\\?\Volume{56282f65-ee5c-416c-b434-b909c024613e}\ (Obnovení) (Fixed) (Total:0.29 GB) (Free:0.26 GB) NTFS
\\?\Volume{9e83e15c-b800-4a6e-a21b-fa30ae042294}\ () (Fixed) (Total:0.81 GB) (Free:0.3 GB) NTFS
\\?\Volume{8f39d49f-aa1d-41c1-b88d-9e97ad93da0e}\ () (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{8d5c63b2-5831-480f-bda5-0780d9e954cb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 1D718A34)

Partition: GPT.

==================== End of Addition.txt =======================
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz