VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=157967

Stránka 1 z 1

Prosím o kontrolu logu

Napsal: 17 bře 2021 17:15
od koltmen
Prosím o kontrolu logu, počítač se zdá být pomalejší a náhodně v průběhu chodu PC se otvírají okna v internetovém prohlížeči.

Díky.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2017 (ATTENTION: ====> FRSTversion is 1278 days old and could be outdated)
Ran by Koltmen (administrator) on LAPTOP-IOPB4Q9E (17-03-2021 17:07:24)
Running from C:\Users\Koltmen\Desktop
Loaded Profiles: Koltmen (Available Profiles: defaultuser0 & Koltmen)
Platform: Windows 10 Home Version 2004 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> Registry
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\Lenovo.Vantage.AddinHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.72.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\CompPkgSrv.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [86016 2019-12-07] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor)
HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [245088 2017-04-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-18] (AVAST Software)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4293120 2017-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19405824 2017-04-14] ()
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] ()
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [Koltmen] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Policies\Explorer: []
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {12905d53-6217-11e7-83df-0028f8690842} - "G:\AutoRun.exe"
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {897fc491-0190-11eb-8437-0028f8690842} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {c607fb7c-6cab-11e7-83e0-0028f8690842} - "G:\setup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{40b110d3-32d4-444e-9d9f-59bc2fccb845}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a3364c84-2acf-4cb8-a463-901140117078}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-128453223-1902492851-2738235570-1001 -> DefaultScope {5C4B48B4-90EA-4CC6-A4D6-846F8531BA12} URL =
SearchScopes: HKU\S-1-5-21-128453223-1902492851-2738235570-1001 -> {5C4B48B4-90EA-4CC6-A4D6-846F8531BA12} URL =
SearchScopes: HKU\S-1-5-21-128453223-1902492851-2738235570-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__180623__yaie&p={searchTerms}
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho_64.dll [2021-03-13] (Microsoft Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\BHO\ie_to_edge_bho.dll [2021-03-13] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-19] (Oracle Corporation)

Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-12-07]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2019-12-07]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-12-07]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2019-12-07]

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-19] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-16] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default [2021-03-17]
CHR Extension: (Prezentace) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-07]
CHR Extension: (Dokumenty) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-07]
CHR Extension: (Disk Google) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (YouTube) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-09]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-14]
CHR Extension: (Tabulky) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Gmail) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13]
CHR HKU\S-1-5-21-128453223-1902492851-2738235570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [443904 2021-03-12] (Microsoft Corporation)
S3 AarSvc; C:\WINDOWS\SysWOW64\AarSvc.dll [339968 2021-03-12] (Microsoft Corporation)
R3 AarSvc_33dc037; C:\WINDOWS\system32\svchost.exe [57360 2020-11-28] (Microsoft Corporation)
R3 AarSvc_33dc037; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-28] (Microsoft Corporation)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-18] (AVAST Software)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [114176 2021-01-17] (Microsoft Corporation)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-18] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-03-18] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1384448 2021-02-11] (Microsoft Corporation)
S3 BcastDVRUserService_33dc037; C:\WINDOWS\system32\svchost.exe [57360 2020-11-28] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_33dc037; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-28] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [500736 2021-01-17] (Microsoft Corporation)
R3 BluetoothUserService_33dc037; C:\WINDOWS\system32\svchost.exe [57360 2020-11-28] (Microsoft Corporation)
R3 BluetoothUserService_33dc037; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-28] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [247296 2021-01-14] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1023488 2021-01-17] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [733696 2021-01-17] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [392192 2021-01-17] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [130560 2021-02-11] (Microsoft Corporation)
S3 CaptureService_33dc037; C:\WINDOWS\system32\svchost.exe [57360 2020-11-28] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_33dc037; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-28] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1024000 2021-02-11] (Microsoft Corporation)
R3 cbdhsvc_33dc037; C:\WINDOWS\system32\svchost.exe [57360 2020-11-28] (Microsoft Corporation)
R3 cbdhsvc_33dc037; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-28] (Microsoft Corporation)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-07] (Lenovo)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [170496 2021-01-17] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [388888 2021-03-12] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_33dc037; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [388888 2021-03-12] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [240688 2021-01-17] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [188536 2021-01-17] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_33dc037; C:\WINDOWS\system32\svchost.exe [57360 2020-11-28] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_33dc037; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-11-28] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [487424 2021-02-11] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [345600 2021-02-11] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [379392 2020-11-28] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190400 2021-01-17] (Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc.)
S2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2017-10-06] (Dassault Systèmes) [File not signed]
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-08-22] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-08-22] (Microsoft Corporation)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-11-08] (ELAN Microelectronics Corp.)
S2 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (Lenovo(beijing) Limited)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\elevation_service.exe [1509480 2021-03-05] (Google LLC)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-05] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-14] (Intel(R) Corporation)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-02] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-02] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-15] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-18] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-18] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-09] (Intel Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo Group Ltd.)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [302080 2021-01-17] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\elevation_service.exe [1559960 2021-03-13] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [134768 2021-01-17] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [104824 2021-01-17] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464456 2018-03-16] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [106496 2021-01-17] (Microsoft Corporation)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (Lenovo(beijing) Limited)
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-18] (Realtek Semiconductor)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [329504 2020-11-28] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-10-15] ()
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [418816 2021-01-17] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [73728 2021-01-17] (Microsoft Corporation)
S3 UdkUserSvc; C:\WINDOWS\System32\windowsudk.shellcommon.dll [2111488 2021-03-12] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [326976 2021-02-05] (Microsoft Corporation)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [567296 2021-03-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [382720 2021-02-11] (Microsoft Corporation)
R3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [407552 2021-01-14] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-17] (Microsoft Corporation) <==== ATTENTION
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-17] (Microsoft Corporation) <==== ATTENTION
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [751992 2021-01-17] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [937472 2021-03-12] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1924096 2021-02-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [415232 2019-12-07] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [41984 2020-11-28] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2020-11-28] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [45568 2019-12-07] (Advanced Micro Devices, Inc)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37864 2020-03-04] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205576 2020-03-04] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [271120 2020-03-04] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206608 2020-03-04] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [64272 2020-03-04] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-03-04] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279360 2020-03-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42976 2020-03-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110560 2020-03-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84056 2020-03-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848672 2020-03-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [458584 2020-03-15] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316256 2020-03-04] (AVAST Software)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys [68608 2019-12-07] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys [38912 2020-11-28] (Microsoft Corporation)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [173432 2016-08-11] (BayHubTech/O2Micro )
R2 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [149328 2021-03-12] (Microsoft Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [45568 2021-03-12] (Microsoft Corporation)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [91136 2021-03-12] ()
R3 CMUAC; C:\WINDOWS\system32\DRIVERS\Headset6400x1.SYS [387072 2013-10-03] (A4Tech Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-09] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-09] (Disc Soft Ltd)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32336 2016-11-24] (ELAN Microelectronic Corp.)
R3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo(beijing) Limited)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [23040 2019-12-07] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [66560 2019-12-07] (Microsoft Corporation)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [35128 2019-12-07] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-12-07] (Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [906216 2018-04-05] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69096 2018-04-05] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752 2019-12-07] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [207384 2018-07-06] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [172344 2019-12-07] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [386048 2020-11-28] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [105480 2019-12-07] (Avago Technologies)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Corporation)
R3 MpKsl567b7ddc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{154C4043-31B9-4179-B568-4F9BA0010A44}\MpKslDrv.sys [90360 2021-03-17] (Microsoft Corporation)
R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322376 2020-11-28] (Microsoft Corporation)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-14] (Intel Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Corporation)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8803328 2019-12-07] (Intel Corporation)
S0 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [168464 2019-12-07] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_d03cf07457eb2e04\nvlddmkm.sys [17538080 2018-08-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [104760 2020-12-02] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3146760 2016-09-13] (Realtek Semiconductor Corp.)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080 2019-12-07] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720 2019-12-07] (Microsemi Corportation)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd.)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26608 2020-11-28] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [113152 2020-11-28] (Microsoft Corporation)
R3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys [110608 2019-12-07] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Corporation)
R3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys [32056 2019-12-07] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys [29496 2019-12-07] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2020-11-28] (Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-17] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560 2019-12-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-17] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-17 17:07 - 2021-03-17 17:07 - 000036883 _____ C:\Users\Koltmen\Desktop\FRST.txt
2021-03-17 17:03 - 2021-03-17 17:03 - 000042770 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (15).pdf
2021-03-17 17:00 - 2021-03-17 17:00 - 000059012 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615996825.pdf
2021-03-15 18:26 - 2021-03-15 18:26 - 000042756 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (14).pdf
2021-03-15 18:23 - 2021-03-15 18:23 - 000059011 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615829038.pdf
2021-03-14 19:39 - 2021-03-14 19:39 - 002346549 _____ C:\Users\Koltmen\Downloads\F57DFDC7-2241-4DD2-89A2-6B56E1E53BF0.jpeg
2021-03-14 19:39 - 2021-03-14 19:39 - 001639669 _____ C:\Users\Koltmen\Downloads\CAC92101-C6E1-475E-95AA-70997988CE2C.jpeg
2021-03-14 18:12 - 2021-03-14 18:12 - 000042606 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (13).pdf
2021-03-14 18:08 - 2021-03-14 18:08 - 000059009 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615741719.pdf
2021-03-14 04:15 - 2021-03-14 04:15 - 008463216 _____ (Malwarebytes) C:\Users\Koltmen\Downloads\adwcleaner_8.1 (1).exe
2021-03-12 20:42 - 2021-03-12 20:42 - 024272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 019870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 018082304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 007109120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 006433792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 004824576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 004795784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 004272640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 003869184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 003557584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 20:42 - 2021-03-12 20:42 - 002659328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 002520072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 002495824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 002453384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 002339744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 002246480 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 002137264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 001956552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 001548624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 001352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 001314640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 001301608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 001126096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 001014872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000951384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000530952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000361072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2021-03-12 20:42 - 2021-03-12 20:42 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Analog.Shell.Broker.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000203536 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 000176136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2021-03-12 20:42 - 2021-03-12 20:42 - 000114160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2021-03-12 20:42 - 2021-03-12 20:42 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbnetlib.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000100672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2021-03-12 20:42 - 2021-03-12 20:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2021-03-12 20:42 - 2021-03-12 20:42 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInput1_4.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2021-03-12 20:42 - 2021-03-12 20:42 - 000033104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2021-03-12 20:42 - 2021-03-12 20:42 - 000018608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 026273280 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 023451136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 017544704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 014762496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 010842448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 010352424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 008899800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 008237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 008015592 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 007965496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 007784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 007639536 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 007634432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 006361144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 006236160 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 006187008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 006004312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 005858144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 005751264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 005424256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 005070336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 004901888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 004743168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 004732416 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 004704744 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 004650576 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 004629312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 004534784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 004437776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 004123184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003938304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003901952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003852800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003824192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003815424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 003785552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 003764224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003749888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003592192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003507000 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003394560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003329536 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003301376 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003178832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003094016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 003067904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002990904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 002970624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002919424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 002821632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 20:41 - 2021-03-12 20:41 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 002635128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002472040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002454528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002437632 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002378752 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002321800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002309120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002268968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002251264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002111488 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsudk.shellcommon.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002040144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002024224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 002007352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001956352 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001952912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001866240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001843712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001828352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001824056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 20:41 - 2021-03-12 20:41 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001784512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001751448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001721168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001720320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001712128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001696232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001695744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001695248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001587512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001570640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 001555136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001509728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001479680 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001434624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001425440 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001415168 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 20:41 - 2021-03-12 20:41 - 001393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001391616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001369600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001337704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001335632 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001331200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 20:41 - 2021-03-12 20:41 - 001290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001268048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001240576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_IME.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001215816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001213744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001198312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 20:41 - 2021-03-12 20:41 - 001148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001139536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001129056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001094464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001068368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001055696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2021-03-12 20:41 - 2021-03-12 20:41 - 001044304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001044304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001021144 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001021112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 001009232 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000965280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000948736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000943416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000923648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000906576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000896064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000889856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2021-03-12 20:41 - 2021-03-12 20:41 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000873984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000860472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000822232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000805168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000765400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000764728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000759728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000754072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000751616 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000725616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000713528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000706872 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000702800 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000677712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000676112 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000649216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000630592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000603960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000603264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000602176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000587248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000583600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000573776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000568144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000539248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000531984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000522064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000519064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000502608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2021-03-12 20:41 - 2021-03-12 20:41 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2021-03-12 20:41 - 2021-03-12 20:41 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000488632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000468448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000456088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000454992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemcomn.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000412464 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000410064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000403792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000388888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000379192 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000374952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000362032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000361056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Authentication.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000288048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000260944 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000259896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000250704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000249680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fidocredprov.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Region.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2021-03-12 20:41 - 2021-03-12 20:41 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000218936 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000215888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000202544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fidocredprov.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000180048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000179536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000176944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000174024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000171584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cimfs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrscmd.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000157048 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000155960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000151864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000149784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.HardwareId.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000149328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000133728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000132920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000132760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000127288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winrscmd.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000126552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000122424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbnetlib.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000117584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spfileq.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2021-03-12 20:41 - 2021-03-12 20:41 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindfltapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000099632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000092944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spfileq.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000086832 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000077488 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\xboxgipsvc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmpushproxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000058392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmpushproxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInput1_4.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2021-03-12 20:41 - 2021-03-12 20:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000042312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000036176 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000024312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerEnc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000020632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerEnc.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2021-03-12 20:41 - 2021-03-12 20:41 - 000017232 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2021-03-12 20:41 - 2021-03-12 20:41 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-12 20:41 - 2021-03-12 20:41 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2021-03-12 20:41 - 2021-03-12 20:41 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2021-03-12 20:35 - 2021-02-09 07:52 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2021-03-12 20:35 - 2021-02-09 07:13 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2021-03-12 19:41 - 2021-03-12 19:41 - 000001269 _____ C:\Users\Koltmen\Downloads\hranol.wrl
2021-03-12 19:41 - 2021-03-12 19:41 - 000001269 _____ C:\Users\Koltmen\Downloads\hranol (1).wrl
2021-03-12 06:01 - 2021-03-12 06:01 - 001810588 _____ C:\WINDOWS\Minidump\031221-15140-01.dmp
2021-03-11 18:36 - 2021-03-11 18:36 - 000042630 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (12).pdf
2021-03-10 20:28 - 2021-03-10 20:28 - 000042690 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (11).pdf
2021-03-10 20:27 - 2021-03-10 20:27 - 000059010 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615404459.pdf
2021-03-08 18:38 - 2021-03-08 18:38 - 000042674 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (10).pdf
2021-03-08 18:32 - 2021-03-08 18:32 - 000058484 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615224758.pdf
2021-03-07 18:02 - 2021-03-07 18:02 - 000042604 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (9).pdf
2021-03-07 17:57 - 2021-03-07 17:57 - 000058726 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615136235.pdf
2021-03-07 11:24 - 2021-03-07 11:24 - 000001093 _____ C:\Users\Public\Desktop\Heroes of Might and Magic V - Tribes of the East.lnk
2021-03-07 11:20 - 2021-03-07 11:20 - 000000748 _____ C:\Users\Public\Desktop\Heroes of Might & Magic V - Hammers of Fate.lnk
2021-03-07 11:18 - 2021-03-07 11:18 - 000000736 _____ C:\Users\Public\Desktop\Heroes of Might and Magic V.lnk
2021-03-07 11:16 - 2021-03-07 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-03-07 11:16 - 2021-03-07 11:16 - 000000001 _____ C:\WINDOWS\SysWOW64\SI.bin
2021-03-07 06:36 - 2021-03-07 06:36 - 000035342 _____ C:\Users\Koltmen\Downloads\[SkT]Heroes_of_Might_and_Magic_V_ _Hammers_of_fate__ _Tribes_of_the_east_vse_v_cz_dabingu.torrent
2021-03-04 19:05 - 2021-03-04 19:05 - 000042504 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (8).pdf
2021-03-03 18:48 - 2021-03-03 18:48 - 000042550 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (7).pdf
2021-03-03 18:41 - 2021-03-03 18:41 - 000058721 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614793314.pdf
2021-03-01 18:17 - 2021-03-01 18:17 - 000058720 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614619027.pdf
2021-02-28 10:32 - 2021-02-28 10:32 - 000042456 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (6).pdf
2021-02-28 10:23 - 2021-02-28 10:24 - 000172718 _____ C:\Users\Koltmen\Downloads\Analyseergebnis.pdf
2021-02-28 10:21 - 2021-02-28 10:21 - 000033288 _____ C:\Users\Koltmen\Downloads\Person-ID.pdf
2021-02-28 07:11 - 2021-02-28 07:12 - 000000000 ____D C:\Users\Koltmen\AppData\Local\WhatsApp
2021-02-28 07:11 - 2021-02-28 07:11 - 000002214 _____ C:\Users\Koltmen\Desktop\WhatsApp.lnk
2021-02-26 19:02 - 2021-02-26 19:02 - 000042430 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (5).pdf
2021-02-26 05:03 - 2021-02-26 05:03 - 008463216 _____ (Malwarebytes) C:\Users\Koltmen\Downloads\adwcleaner_8.1.exe
2021-02-25 18:21 - 2021-02-25 18:21 - 000042670 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (4).pdf
2021-02-25 18:19 - 2021-02-25 18:19 - 000058723 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614273567.pdf
2021-02-24 16:54 - 2021-02-24 16:54 - 000042630 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (3).pdf
2021-02-24 16:53 - 2021-02-24 16:53 - 000058720 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614182013.pdf
2021-02-23 18:12 - 2021-02-23 18:12 - 000042484 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (2).pdf
2021-02-23 18:06 - 2021-02-23 18:06 - 000058720 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614100014.pdf
2021-02-22 17:12 - 2021-02-22 17:12 - 000042422 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (1).pdf
2021-02-22 17:11 - 2021-02-22 17:11 - 000058698 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614010271.pdf
2021-02-21 19:46 - 2021-02-21 19:46 - 000042512 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung.pdf
2021-02-21 19:37 - 2021-02-21 19:37 - 000058698 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1613932656.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-17 17:07 - 2017-09-15 20:14 - 000000000 ____D C:\FRST
2021-03-17 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-17 16:52 - 2020-11-28 01:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-17 16:18 - 2018-06-29 18:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-17 16:18 - 2017-09-29 05:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-15 05:33 - 2019-04-19 18:40 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\.minecraft
2021-03-15 05:30 - 2021-01-03 09:01 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\.tlauncher
2021-03-14 14:36 - 2020-08-22 04:30 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-14 14:36 - 2020-08-22 04:30 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-14 14:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-14 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-14 04:14 - 2017-09-16 05:10 - 000000000 ____D C:\AdwCleaner
2021-03-14 04:13 - 2017-06-09 17:15 - 000000000 __SHD C:\Users\Koltmen\IntelGraphicsProfiles
2021-03-13 05:56 - 2017-06-09 18:54 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-13 05:56 - 2017-06-09 18:54 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-03-13 05:52 - 2020-11-28 01:15 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-13 05:52 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-13 05:52 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-13 05:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-13 05:50 - 2020-11-28 01:12 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-128453223-1902492851-2738235570-1001
2021-03-13 05:50 - 2020-11-28 01:06 - 000002374 _____ C:\Users\Koltmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-13 05:50 - 2017-06-09 17:16 - 000000000 ___RD C:\Users\Koltmen\OneDrive
2021-03-13 05:45 - 2020-11-28 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-13 05:45 - 2020-11-28 01:04 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-13 05:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-12 21:06 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-12 21:05 - 2020-11-28 01:04 - 000548880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 20:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 20:35 - 2017-06-09 19:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 20:32 - 2017-06-09 19:04 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-12 19:41 - 2018-02-20 19:17 - 000000000 ___RD C:\Users\Koltmen\3D Objects
2021-03-12 19:25 - 2017-07-20 05:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 19:16 - 2017-06-21 15:19 - 000119168 _____ C:\Users\Koltmen\AppData\Local\GDIPFONTCACHEV1.DAT
2021-03-12 17:48 - 2020-11-28 01:06 - 000000000 ____D C:\Users\Koltmen
2021-03-12 06:01 - 2021-01-11 10:30 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-11 18:33 - 2020-10-31 19:48 - 000000000 ___HD C:\$WinREAgent
2021-03-07 18:04 - 2019-11-10 08:41 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\qBittorrent
2021-03-07 11:26 - 2017-07-08 05:56 - 000000000 ____D C:\Users\Koltmen\Documents\My Games
2021-03-07 11:23 - 2017-02-17 05:02 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-07 07:26 - 2017-06-22 15:43 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\vlc
2021-03-07 07:23 - 2019-08-07 08:50 - 000000000 ____D C:\Users\Koltmen\Desktop\Nová složka
2021-03-04 11:12 - 2020-11-28 06:05 - 000003490 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c51ad35f69aa
2021-03-04 11:12 - 2020-11-28 01:12 - 000003584 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-28 07:18 - 2020-09-26 17:23 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\WhatsApp
2021-02-28 07:11 - 2020-09-26 17:23 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-02-28 07:11 - 2020-09-26 17:23 - 000000000 ____D C:\Users\Koltmen\AppData\Local\SquirrelTemp
2021-02-27 10:56 - 2020-11-28 01:12 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2021-02-23 18:24 - 2020-10-25 03:47 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-02-23 18:24 - 2020-10-25 03:47 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-02-23 18:24 - 2017-12-16 06:55 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-23 18:23 - 2020-10-25 03:47 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-21 08:44 - 2020-10-25 17:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-15 18:53 - 2020-11-28 01:12 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update

==================== Files in the root of some directories =======

2017-09-15 19:15 - 2017-09-15 19:19 - 000000600 _____ () C:\Users\Koltmen\AppData\Local\PUTTY.RND
2019-08-21 05:20 - 2019-08-21 05:20 - 000000017 _____ () C:\Users\Koltmen\AppData\Local\resmon.resmoncfg
2017-09-29 05:16 - 2017-09-29 05:16 - 000000000 _____ () C:\ProgramData\DP45977C.lfl
2017-09-29 05:16 - 2017-09-29 05:16 - 000000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some files in TEMP:
====================
2021-03-12 06:02 - 2021-03-12 06:02 - 000108144 _____ (Sony DADC Austria AG.) C:\Users\Koltmen\AppData\Local\Temp\CmdLineExt.dll
2021-03-12 06:02 - 2021-03-12 06:02 - 000065536 _____ (Sony DADC Austria AG) C:\Users\Koltmen\AppData\Local\Temp\drm_dialogs.dll
2021-03-07 07:26 - 2021-03-07 07:26 - 041436128 _____ () C:\Users\Koltmen\AppData\Local\Temp\vlc-3.0.12-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION

==================== End of FRST.txt ============================

Re: Prosím o kontrolu logu

Napsal: 17 bře 2021 17:58
od Rudy
Zdravím!
Stáhněte si nový FRST, váš má prošlou expiraci:
ATTENTION: ====> FRSTversion is 1278 days old and could be outdated
Pak udělejte nový sken a dejte logy FRST+Addition https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

Re: Prosím o kontrolu logu

Napsal: 20 bře 2021 05:20
od koltmen
Zasílám logy z aktuální verze, Ještě jednou prosím o kontrolu.
Děkuji.

Re: Prosím o kontrolu logu

Napsal: 20 bře 2021 11:37
od Rudy
Teď spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Prosím o kontrolu logu

Napsal: 21 bře 2021 06:41
od koltmen
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-21-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted nladljmabboanhihfkjacnnkgjhnokhj

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [79363 octets] - [24/08/2019 06:10:34]
AdwCleaner[S00].txt - [3108 octets] - [24/08/2019 06:11:30]
AdwCleaner[C00].txt - [2875 octets] - [24/08/2019 06:13:07]
AdwCleaner[S01].txt - [1601 octets] - [31/08/2019 06:14:37]
AdwCleaner[C01].txt - [1696 octets] - [31/08/2019 06:15:02]
AdwCleaner[S02].txt - [3149 octets] - [26/02/2021 05:04:01]
AdwCleaner[C02].txt - [2304 octets] - [26/02/2021 05:04:47]
AdwCleaner[S03].txt - [2822 octets] - [14/03/2021 04:15:49]
AdwCleaner[C03].txt - [2033 octets] - [14/03/2021 04:16:06]
AdwCleaner[S04].txt - [2944 octets] - [21/03/2021 06:39:03]
AdwCleaner[S05].txt - [3005 octets] - [21/03/2021 06:40:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Re: Prosím o kontrolu logu

Napsal: 21 bře 2021 11:24
od Rudy
OK. Dejte nové logy FRST+Addition.

Re: Prosím o kontrolu logu

Napsal: 22 bře 2021 19:17
od koltmen
Aktuální logy zasílám v příloze.

Re: Prosím o kontrolu logu

Napsal: 22 bře 2021 20:03
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTIONHKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [Koltmen] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Policies\Explorer: []
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {12905d53-6217-11e7-83df-0028f8690842} - "G:\AutoRun.exe"
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {897fc491-0190-11eb-8437-0028f8690842} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {c607fb7c-6cab-11e7-83e0-0028f8690842} - "G:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {083F4A58-9EFD-4B0D-92F1-FE3750E71202} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-09] (Google Inc -> Google Inc.)
Task: {C54FC365-84C8-4BD3-9A9D-7BB04AC909C4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D52316BD-CD8A-4712-85CF-35D12172C05E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-09] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-128453223-1902492851-2738235570-1001 -> DefaultScope {5C4B48B4-90EA-4CC6-A4D6-846F8531BA12} URL =
SearchScopes: HKU\S-1-5-21-128453223-1902492851-2738235570-1001 -> {5C4B48B4-90EA-4CC6-A4D6-846F8531BA12} URL =
FirewallRules: [{90AB5324-5F45-4895-B16A-3B11CD226658}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{2517F4A8-231C-4529-9FE1-DE1499F7BD92}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [UDP Query User{61F029A0-1218-45F2-81D6-8B30AAAF9C03}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{66AB788F-4A66-4E89-B535-E6E841A1828B}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [UDP Query User{7396B96B-AF78-4D19-9B06-84FE3F5C9509}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{FF7B3B0B-3BD9-47B7-8D92-A052927CE892}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [UDP Query User{89EA4278-8D28-4AEE-A765-2BC09DA942C2}E:\hry\dead island definitive edition\deadislandgame.exe] => (Allow) E:\hry\dead island definitive edition\deadislandgame.exe => No File
FirewallRules: [TCP Query User{C785A2F1-18B0-4FBD-B6B7-79AA671DCBD5}E:\hry\dead island definitive edition\deadislandgame.exe] => (Allow) E:\hry\dead island definitive edition\deadislandgame.exe => No File
FirewallRules: [UDP Query User{B797195E-7620-4B3A-976C-818BE102EBF9}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Allow) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [TCP Query User{A60D2EC3-ECFC-48E3-95AD-CDAF399D7C8C}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Allow) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [UDP Query User{09032C54-DEB8-4997-8839-2C21E8C44DCC}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [TCP Query User{B03440A9-F26D-4B81-9558-E8B355B7292E}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [UDP Query User{C21D3B8B-BCE7-480A-B9E7-AF41DE825A7A}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Block) C:\program files (x86)\far cry primal\bin\fcprimal.exe => No File
FirewallRules: [TCP Query User{ACC1906E-FC0F-491D-8983-9EAD254B0BD3}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Block) C:\program files (x86)\far cry primal\bin\fcprimal.exe => No File
FirewallRules: [{FAB2F1C1-DE10-4219-B509-23728B647504}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{002A751B-B180-4C1C-9AB1-93963445B9CA}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{C2EF41CB-89F5-4492-BC34-EA6511D37992}E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe] => (Allow) E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe => No File
FirewallRules: [UDP Query User{E9AAEDA3-157D-4AEE-87EE-BBF324AE14DB}E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe] => (Allow) E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe => No File
FirewallRules: [TCP Query User{2A56D011-5A3E-4799-9165-427319288AC7}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{0FBF22B5-370A-482B-BA6F-2DAF492D9CDF}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{33256473-5E53-42DB-BE34-71A6141F0940}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{56F15FBD-633E-4419-BA74-333A5586D99F}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B6B487E1-81B0-4566-A23D-917E35D59491}E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe] => (Block) E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{8F791966-E582-4442-B12A-72F7146D578E}E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe] => (Block) E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{815BAD04-7DE4-46FC-BCE3-BCE1E0CDCAFA}E:\hry\the sims 4 seasons\game\bin\ts4.exe] => (Allow) E:\hry\the sims 4 seasons\game\bin\ts4.exe => No File
FirewallRules: [UDP Query User{57F29949-5451-4DC7-8ED6-61D3600BB2B2}E:\hry\the sims 4 seasons\game\bin\ts4.exe] => (Allow) E:\hry\the sims 4 seasons\game\bin\ts4.exe => No File
FirewallRules: [TCP Query User{BB876082-D134-4BE5-8F0D-64B97CFF7464}E:\hry\the sims 4\game\bin\ts4.exe] => (Block) E:\hry\the sims 4\game\bin\ts4.exe => No File
FirewallRules: [UDP Query User{E400FC3E-7B1E-4B15-82FD-8F0820D8E89A}E:\hry\the sims 4\game\bin\ts4.exe] => (Block) E:\hry\the sims 4\game\bin\ts4.exe => No File
FirewallRules: [TCP Query User{C5ED53E7-F443-4727-ACE1-57E8BA2BECBF}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu

Napsal: 28 bře 2021 12:43
od koltmen
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-03-2021
Ran by Koltmen (28-03-2021 08:09:09) Run:1
Running from C:\Users\Koltmen\Desktop
Loaded Profiles: defaultuser0 & Koltmen
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTIONHKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [Koltmen] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Policies\Explorer: []
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {12905d53-6217-11e7-83df-0028f8690842} - "G:\AutoRun.exe"
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {897fc491-0190-11eb-8437-0028f8690842} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {c607fb7c-6cab-11e7-83e0-0028f8690842} - "G:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {083F4A58-9EFD-4B0D-92F1-FE3750E71202} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-09] (Google Inc -> Google Inc.)
Task: {C54FC365-84C8-4BD3-9A9D-7BB04AC909C4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D52316BD-CD8A-4712-85CF-35D12172C05E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-09] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-128453223-1902492851-2738235570-1001 -> DefaultScope {5C4B48B4-90EA-4CC6-A4D6-846F8531BA12} URL =
SearchScopes: HKU\S-1-5-21-128453223-1902492851-2738235570-1001 -> {5C4B48B4-90EA-4CC6-A4D6-846F8531BA12} URL =
FirewallRules: [{90AB5324-5F45-4895-B16A-3B11CD226658}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{2517F4A8-231C-4529-9FE1-DE1499F7BD92}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [UDP Query User{61F029A0-1218-45F2-81D6-8B30AAAF9C03}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{66AB788F-4A66-4E89-B535-E6E841A1828B}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [UDP Query User{7396B96B-AF78-4D19-9B06-84FE3F5C9509}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{FF7B3B0B-3BD9-47B7-8D92-A052927CE892}E:\hry\far cry 4\bin\farcry4.exe] => (Block) E:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [UDP Query User{89EA4278-8D28-4AEE-A765-2BC09DA942C2}E:\hry\dead island definitive edition\deadislandgame.exe] => (Allow) E:\hry\dead island definitive edition\deadislandgame.exe => No File
FirewallRules: [TCP Query User{C785A2F1-18B0-4FBD-B6B7-79AA671DCBD5}E:\hry\dead island definitive edition\deadislandgame.exe] => (Allow) E:\hry\dead island definitive edition\deadislandgame.exe => No File
FirewallRules: [UDP Query User{B797195E-7620-4B3A-976C-818BE102EBF9}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Allow) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [TCP Query User{A60D2EC3-ECFC-48E3-95AD-CDAF399D7C8C}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Allow) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [UDP Query User{09032C54-DEB8-4997-8839-2C21E8C44DCC}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [TCP Query User{B03440A9-F26D-4B81-9558-E8B355B7292E}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe] => (Block) C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe => No File
FirewallRules: [UDP Query User{C21D3B8B-BCE7-480A-B9E7-AF41DE825A7A}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Block) C:\program files (x86)\far cry primal\bin\fcprimal.exe => No File
FirewallRules: [TCP Query User{ACC1906E-FC0F-491D-8983-9EAD254B0BD3}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Block) C:\program files (x86)\far cry primal\bin\fcprimal.exe => No File
FirewallRules: [{FAB2F1C1-DE10-4219-B509-23728B647504}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{002A751B-B180-4C1C-9AB1-93963445B9CA}] => (Allow) C:\Users\Koltmen\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{C2EF41CB-89F5-4492-BC34-EA6511D37992}E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe] => (Allow) E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe => No File
FirewallRules: [UDP Query User{E9AAEDA3-157D-4AEE-87EE-BBF324AE14DB}E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe] => (Allow) E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe => No File
FirewallRules: [TCP Query User{2A56D011-5A3E-4799-9165-427319288AC7}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{0FBF22B5-370A-482B-BA6F-2DAF492D9CDF}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{33256473-5E53-42DB-BE34-71A6141F0940}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{56F15FBD-633E-4419-BA74-333A5586D99F}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B6B487E1-81B0-4566-A23D-917E35D59491}E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe] => (Block) E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{8F791966-E582-4442-B12A-72F7146D578E}E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe] => (Block) E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{815BAD04-7DE4-46FC-BCE3-BCE1E0CDCAFA}E:\hry\the sims 4 seasons\game\bin\ts4.exe] => (Allow) E:\hry\the sims 4 seasons\game\bin\ts4.exe => No File
FirewallRules: [UDP Query User{57F29949-5451-4DC7-8ED6-61D3600BB2B2}E:\hry\the sims 4 seasons\game\bin\ts4.exe] => (Allow) E:\hry\the sims 4 seasons\game\bin\ts4.exe => No File
FirewallRules: [TCP Query User{BB876082-D134-4BE5-8F0D-64B97CFF7464}E:\hry\the sims 4\game\bin\ts4.exe] => (Block) E:\hry\the sims 4\game\bin\ts4.exe => No File
FirewallRules: [UDP Query User{E400FC3E-7B1E-4B15-82FD-8F0820D8E89A}E:\hry\the sims 4\game\bin\ts4.exe] => (Block) E:\hry\the sims 4\game\bin\ts4.exe => No File
FirewallRules: [TCP Query User{C5ED53E7-F443-4727-ACE1-57E8BA2BECBF}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTIONHKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [Koltmen] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION => restored successfully
"HKU\S-1-5-21-128453223-1902492851-2738235570-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12905d53-6217-11e7-83df-0028f8690842} => removed successfully
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{897fc491-0190-11eb-8437-0028f8690842} => removed successfully
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c607fb7c-6cab-11e7-83e0-0028f8690842} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{083F4A58-9EFD-4B0D-92F1-FE3750E71202}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{083F4A58-9EFD-4B0D-92F1-FE3750E71202}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C54FC365-84C8-4BD3-9A9D-7BB04AC909C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C54FC365-84C8-4BD3-9A9D-7BB04AC909C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D52316BD-CD8A-4712-85CF-35D12172C05E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D52316BD-CD8A-4712-85CF-35D12172C05E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D} => removed successfully
HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB} => removed successfully
HKU\S-1-5-21-128453223-1902492851-2738235570-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully
"HKU\S-1-5-21-128453223-1902492851-2738235570-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-128453223-1902492851-2738235570-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5C4B48B4-90EA-4CC6-A4D6-846F8531BA12} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90AB5324-5F45-4895-B16A-3B11CD226658}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2517F4A8-231C-4529-9FE1-DE1499F7BD92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{61F029A0-1218-45F2-81D6-8B30AAAF9C03}E:\hry\far cry 4\bin\farcry4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{66AB788F-4A66-4E89-B535-E6E841A1828B}E:\hry\far cry 4\bin\farcry4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7396B96B-AF78-4D19-9B06-84FE3F5C9509}E:\hry\far cry 4\bin\farcry4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FF7B3B0B-3BD9-47B7-8D92-A052927CE892}E:\hry\far cry 4\bin\farcry4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{89EA4278-8D28-4AEE-A765-2BC09DA942C2}E:\hry\dead island definitive edition\deadislandgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C785A2F1-18B0-4FBD-B6B7-79AA671DCBD5}E:\hry\dead island definitive edition\deadislandgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B797195E-7620-4B3A-976C-818BE102EBF9}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A60D2EC3-ECFC-48E3-95AD-CDAF399D7C8C}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{09032C54-DEB8-4997-8839-2C21E8C44DCC}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B03440A9-F26D-4B81-9558-E8B355B7292E}C:\program files (x86)\sniper ghost warrior 3\win_x64\sgw3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C21D3B8B-BCE7-480A-B9E7-AF41DE825A7A}C:\program files (x86)\far cry primal\bin\fcprimal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ACC1906E-FC0F-491D-8983-9EAD254B0BD3}C:\program files (x86)\far cry primal\bin\fcprimal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAB2F1C1-DE10-4219-B509-23728B647504}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{002A751B-B180-4C1C-9AB1-93963445B9CA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2EF41CB-89F5-4492-BC34-EA6511D37992}E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E9AAEDA3-157D-4AEE-87EE-BBF324AE14DB}E:\hry\spintires\igg-spintires.build 25.12.2015\client\spintires.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2A56D011-5A3E-4799-9165-427319288AC7}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0FBF22B5-370A-482B-BA6F-2DAF492D9CDF}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33256473-5E53-42DB-BE34-71A6141F0940}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{56F15FBD-633E-4419-BA74-333A5586D99F}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B6B487E1-81B0-4566-A23D-917E35D59491}E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8F791966-E582-4442-B12A-72F7146D578E}E:\hry\the sims 4 seasons\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{815BAD04-7DE4-46FC-BCE3-BCE1E0CDCAFA}E:\hry\the sims 4 seasons\game\bin\ts4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{57F29949-5451-4DC7-8ED6-61D3600BB2B2}E:\hry\the sims 4 seasons\game\bin\ts4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BB876082-D134-4BE5-8F0D-64B97CFF7464}E:\hry\the sims 4\game\bin\ts4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E400FC3E-7B1E-4B15-82FD-8F0820D8E89A}E:\hry\the sims 4\game\bin\ts4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C5ED53E7-F443-4727-ACE1-57E8BA2BECBF}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 296249771 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2063913 B
Edge => 3325082 B
Chrome => 560479415 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 176648 B
defaultuser0 => 176648 B
Koltmen => 29995528 B

RecycleBin => 0 B
EmptyTemp: => 861.1 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-03-2021 12:46:03)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 12:46:03 ====

Re: Prosím o kontrolu logu

Napsal: 28 bře 2021 15:05
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu logu

Napsal: 13 dub 2021 13:33
od koltmen
Dobrý den,
omlouvám se za pozdní odpověď.. na PC už nevyskakují náhodně okna v prohlížeči a pocitově se i zrychlil.

Děkuji za pomoc.

Re: Prosím o kontrolu logu

Napsal: 13 dub 2021 13:59
od Rudy
To jsem rád a nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz