Prosím o kontrolu logu Vyřešeno

[buripe]

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by 4815162342 (07-01-2023 22:38:34) Run:1
Running from C:\Users\893\Desktop
Loaded Profiles: 4815162342
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
C:\FRST
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

"C:\FRST" folder move:

Could not move "C:\FRST" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12612672 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 370686 B
Edge => 0 B
Chrome => 319297144 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18682 B
NetworkService => 24194 B
893 => 4705388 B

RecycleBin => 0 B
EmptyTemp: => 322.2 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-01-2023 22:43:34)

C:\FRST => Could not move

==== End of Fixlog 22:43:34 ====

[Reklama]

[buripe]

# DelFix v1.010 - Logfile created 07/01/2023 at 22:47:25
# Updated 26/04/2015 by Xplode
# Username : 4815162342 - LASVEGAS
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\893\Desktop\Fixlog.txt
Deleted : C:\Users\893\Desktop\FRST64.exe

~ Cleaning system restore ...

Deleted : RP #108 [End of disinfection | 01/07/2023 19:13:56]

New restore point created !

########## - EOF - ##########

[buripe]

C:/FRST stále nesmazáno.
V nouz. režimu nejde smazat.
Převzetí práv jsem zkoušel už s tou složkou zoek a i teď, bez výsledku.
Ano, spouštím jako správce.

[jaro3]

Could not move "C:\FRST" => Scheduled to move on reboot.
byl restart?

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[buripe]

Ano, restart mě nabídl sám FRST, po restartujte byl FRST otevřeny s hláškou, že vytvořil log.

Další krok až zítra

[jaro3]

OK. Ještě to projedeme jiným programem a pak smažeme ten frst.exe.

[buripe]

OTL logfile created on: 08.01.2023 11:18:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\893\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000405 | Country: Česko | Language: CSY | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 46,27% Memory free
5,18 Gb Paging File | 3,04 Gb Available in Paging File | 58,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464,70 Gb Total Space | 201,35 Gb Free Space | 43,33% Space Free | Partition Type: NTFS

Computer Name: LASVEGAS | User Name: 4815162342 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\893\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\aswEngSrv.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc.)
PRC - C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC)
PRC - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\TextShaping.dll ()
MOD - C:\Windows\SysWOW64\umpdc.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (ose64) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE File not found
SRV:64bit: - (CleanupPSvc) -- C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe (AVAST Software)
SRV:64bit: - (SecureLine) -- C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (OneDrive Updater Service) -- C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe (Microsoft Corporation)
SRV:64bit: - (FileSyncHelper) -- C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe (Microsoft Corporation)
SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software)
SRV:64bit: - (UevAgentService) -- C:\Windows\SysNative\AgentService.exe (Microsoft Corporation)
SRV:64bit: - (UdkUserSvc) -- C:\Windows\SysNative\windowsudk.shellcommon.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (dcsvc) -- C:\Windows\SysNative\dcsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usosvc.dll (Microsoft Corporation)
SRV:64bit: - (InstallService) -- C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
SRV:64bit: - (WaaSMedicSvc) -- C:\Windows\SysNative\WaaSMedicSvc.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationBrokerSvc) -- C:\Windows\SysNative\deviceaccess.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (WManSvc) -- C:\Windows\SysNative\Windows.Management.Service.dll (Microsoft Corporation)
SRV:64bit: - (Sense) -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (avast! Tools) -- C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (GoogleChromeElevationService) -- C:\Program Files\Google\Chrome\Application\108.0.5359.125\elevation_service.exe (Google LLC)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppVClient) -- C:\Windows\SysNative\AppVClient.exe (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (WpcMonSvc) -- C:\Windows\SysNative\WpcDesktopMonSvc.dll (Microsoft Corporation)
SRV:64bit: - (LxpSvc) -- C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation)
SRV:64bit: - (diagsvc) -- C:\Windows\SysNative\DiagSvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc) -- C:\Windows\SysNative\PrintWorkflowService.dll (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (AarSvc) -- C:\Windows\SysNative\AarSvc.dll (Microsoft Corporation)
SRV:64bit: - (cloudidsvc) -- C:\Windows\SysNative\cloudidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc) -- C:\Windows\SysNative\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV:64bit: - (McpManagementService) -- C:\Windows\SysNative\McpManagementService.dll (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService) -- C:\Windows\SysNative\bcastdvruserservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UdkUserSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationBrokerSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (cbdhsvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CaptureService_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (AarSvc_69c5ec) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (AssignedAccessManagerSvc) -- C:\Windows\SysNative\assignedaccessmanagersvc.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (DialogBlockingService) -- C:\Windows\SysNative\DialogBlockingService.dll (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (SharedRealitySvc) -- C:\Windows\SysNative\SharedRealitySvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (PushToInstall) -- C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (TroubleshootingSvc) -- C:\Windows\SysNative\MitigationClient.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthAvctpSvc) -- C:\Windows\SysNative\BthAvctpSvc.dll (Microsoft Corporation)
SRV:64bit: - (DispBrokerDesktopSvc) -- C:\Windows\SysNative\DispBroker.Desktop.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (uhssvc) -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (Microsoft Corporation)
SRV:64bit: - (cbdhsvc) -- C:\Windows\SysNative\CBDHSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (CredentialEnrollmentManagerUserSvc_69c5ec) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation)
SRV:64bit: - (CredentialEnrollmentManagerUserSvc) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (AvastWscReporter) -- C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (AVAST Software)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (ssh-agent) -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe ()
SRV:64bit: - (DisplayEnhancementService) -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (MixedRealityOpenXRSvc) -- C:\Windows\SysNative\MixedRealityRuntime.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc) -- C:\Windows\SysNative\ConsentUxClient.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (SgrmBroker) -- C:\Windows\SysNative\SgrmBroker.exe (Microsoft Corporation)
SRV:64bit: - (autotimesvc) -- C:\Windows\SysNative\autotimesvc.dll (Microsoft Corporation)
SRV:64bit: - (perceptionsimulation) -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (CaptureService) -- C:\Windows\SysNative\CaptureService.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\psmsrv.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (GraphicsPerfSvc) -- C:\Windows\SysNative\GraphicsPerfSvc.dll (Microsoft Corporation)
SRV:64bit: - (camsvc) -- C:\Windows\SysNative\CapabilityAccessManager.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (VacSvc) -- C:\Windows\SysNative\vac.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (BTAGService) -- C:\Windows\SysNative\BTAGService.dll (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService) -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (WarpJITSvc) -- C:\Windows\SysNative\Windows.WARP.JITService.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (ETDService) -- C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV:64bit: - (FastbootService) -- C:\Program Files\Lenovo\OneKey Optimizer\bin\FBService.exe (Lenovo)
SRV:64bit: - (OKOControlSvc) -- C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe (Lenovo(beijing) Limited)
SRV:64bit: - (Lenovo OKO Service) -- C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe ()
SRV - (MicrosoftEdgeElevationService) -- C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.76\elevation_service.exe (Microsoft Corporation)
SRV - (AvastAntiTrackSvc) -- C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe (AVAST Software)
SRV - (WdNisSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Valve Corporation)
SRV - (DeviceAssociationBrokerSvc) -- C:\Windows\SysWOW64\deviceaccess.dll (Microsoft Corporation)
SRV - (tzautoupdate) -- C:\Windows\SysWOW64\tzautoupdate.dll (Microsoft Corporation)
SRV - (InstallService) -- C:\Windows\SysWOW64\InstallService.dll (Microsoft Corporation)
SRV - (wisvc) -- C:\Windows\SysWOW64\FlightSettings.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc.)
SRV - (PrintWorkflowUserSvc) -- C:\Windows\SysWOW64\PrintWorkflowService.dll (Microsoft Corporation)
SRV - (AarSvc) -- C:\Windows\SysWOW64\AarSvc.dll (Microsoft Corporation)
SRV - (DevicePickerUserSvc) -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (MixedRealityOpenXRSvc) -- C:\Windows\SysWOW64\MixedRealityRuntime.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (BTAGService) -- C:\Windows\SysWOW64\BTAGService.dll (Microsoft Corporation)
SRV - (edgeupdatem) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation)
SRV - (edgeupdate) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (netfilter2) -- C:\Windows\SysNative\drivers\netfilter2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (aswWireGuard) -- C:\Windows\SysNative\drivers\aswWireguard.sys (WireGuard LLC)
DRV:64bit: - (aswVpnRdr) -- C:\Windows\SysNative\drivers\aswVpnRdr.sys (Avast Software)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (BthMini) -- C:\Windows\SysNative\drivers\BthMini.SYS (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdriver.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsh.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniv.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswNetHub) -- C:\Windows\SysNative\drivers\aswNetHub.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswArPot) -- C:\Windows\SysNative\drivers\aswArPot.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (PktMon) -- C:\Windows\SysNative\drivers\PktMon.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (bindflt) -- C:\Windows\SysNative\drivers\bindflt.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (AppvVemgr) -- C:\Windows\SysNative\drivers\AppvVemgr.sys (Microsoft Corporation)
DRV:64bit: - (AppvVfs) -- C:\Windows\SysNative\drivers\AppvVfs.sys (Microsoft Corporation)
DRV:64bit: - (AppvStrm) -- C:\Windows\SysNative\drivers\AppVStrm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (MsSecFlt) -- C:\Windows\SysNative\drivers\mssecflt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (BthA2dp) -- C:\Windows\SysNative\drivers\BthA2dp.sys (Microsoft Corporation)
DRV:64bit: - (aswElam) -- C:\Windows\SysNative\drivers\aswElam.sys (AVAST Software)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (CimFS) -- C:\WINDOWS\SysNative\drivers\cimfs.sys ()
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_fc93ae411c02f280\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_ed345fdc37d65139\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (MbbCx) -- C:\Windows\SysNative\drivers\MbbCx.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\BthHfEnum.sys (Microsoft Corporation)
DRV:64bit: - (BthHFAud) -- C:\Windows\SysNative\drivers\BthHfAud.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (Acx01000) -- C:\Windows\SysNative\drivers\Acx01000.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (UevAgentDriver) -- C:\Windows\SysNative\drivers\UevAgentDriver.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsQuic) -- C:\Windows\SysNative\drivers\msquic.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiCx0101) -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation)
DRV:64bit: - (Telemetry) -- C:\Windows\SysNative\drivers\IntelTA.sys (Microsoft Corporation)
DRV:64bit: - (AppleLowerFilter) -- C:\Windows\SysNative\drivers\AppleLowerFilter.sys (Apple Inc.)
DRV:64bit: - (smbdirect) -- C:\Windows\SysNative\drivers\smbdirect.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (NDKPing) -- C:\Windows\SysNative\drivers\NDKPing.sys (Microsoft Corporation)
DRV:64bit: - (spaceparser) -- C:\Windows\SysNative\drivers\spaceparser.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SgrmAgent) -- C:\Windows\SysNative\drivers\SgrmAgent.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation)
DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation)
DRV:64bit: - (portcfg) -- C:\Windows\SysNative\drivers\portcfg.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (VirtualRender) -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (hidspi) -- C:\Windows\SysNative\drivers\hidspi.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiAcpiClient) -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (SmartSAMD) -- C:\Windows\SysNative\drivers\SmartSAMD.sys (Microsemi Corportation)
DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (umbus) -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (usbaudio2) -- C:\Windows\SysNative\drivers\usbaudio2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\drivers\NETwew01.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (Microsoft_Bluetooth_AvrcpTransport) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys (Microsoft Corporation)
DRV:64bit: - (amdi2c) -- C:\Windows\SysNative\drivers\amdi2c.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (intelpmax) -- C:\Windows\SysNative\drivers\intelpmax.sys (Microsoft Corporation)
DRV:64bit: - (amdgpio2) -- C:\Windows\SysNative\drivers\amdgpio2.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Group Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (RTSUER) -- C:\Windows\SysNative\drivers\RtsUer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\ibtfltcoex.sys (Intel Corporation)
DRV:64bit: - (Fastboot) -- C:\WINDOWS\SysNative\drivers\Fastboot.sys (Windows (R) Win 7 DDK provider)
DRV - (BasicDisplay) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_fc93ae411c02f280\BasicDisplay.sys (Microsoft Corporation)
DRV - (BasicRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ed345fdc37d65139\BasicRender.sys (Microsoft Corporation)
DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation)
DRV - (VirtualRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys (Microsoft Corporation)
DRV - (UfxChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys (Microsoft Corporation)
DRV - (UrsChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys (Microsoft Corporation)
DRV - (UrsSynopsys) -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys (Microsoft Corporation)
DRV - (genericusbfn) -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys (Microsoft Corporation)
DRV - (umbus) -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV - (UEFI) -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys (NVIDIA Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 5B 00 B5 C9 3D 2D D7 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.18: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\com.microsoft.defender.browser_extension.native_message_host\\: C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.2211.5-0\COM.MICROSOFT.DEFENDER.BE.FIREFOX.JSON [2023.01.04 17:22:01 | 000,000,310 | ---- | M] ()


========== Chrome ==========

CHR - Extension: No name found = C:\Users\893\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\3.15.2_0\
CHR - Extension: No name found = C:\Users\893\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\
CHR - Extension: No name found = C:\Users\893\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdidpcihajhihmghhhkfnpklgdehold\2.0.8.3101_0\

O1 HOSTS File: ([2023.01.04 16:17:15 | 000,000,841 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.76\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.76\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [OneKeyOptimizer] C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [TuneupUI.exe] C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (AVAST Software)
O4 - HKCU..\Run: [MicrosoftEdgeAutoLaunch_7E09B735E3C4D540F01DEDE53EE09501] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\INFODELIVERY present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Max Cached Icons = 2000
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

[buripe]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{272a51bc-dc46-4f73-8554-969052ee610c}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36f351e6-d402-42b6-80fe-5b9b58d80dec}: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41420830-4542-46c0-b008-dd05d05afe67}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41766173-7453-6f66-7477-617265415357}: NameServer = 100.126.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll) - C:\Windows\SysNative\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinit.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2023.01.08 11:15:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\893\Desktop\OTL.exe
[2023.01.07 14:41:50 | 000,000,000 | ---D | C] -- C:\Users\893\Documents\Vlastní šablony Office
[2023.01.06 12:33:45 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\PeerDistRepub
[2023.01.05 22:36:23 | 000,000,000 | ---D | C] -- C:\FRST
[2023.01.04 17:38:56 | 000,000,000 | RHSD | C] -- C:\ProgramData\Key-Base
[2023.01.04 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\AvastAntiTrackPremium
[2023.01.04 17:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\{89E43662-838A-0F86-5411-98DADFEFAF5B}
[2023.01.04 17:38:44 | 000,124,952 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\netfilter2.sys
[2023.01.04 17:38:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2023.01.04 17:37:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avast Software
[2023.01.04 17:36:56 | 000,065,944 | ---- | C] (Avast Software) -- C:\WINDOWS\SysNative\drivers\aswVpnRdr.sys
[2023.01.04 17:36:54 | 000,038,616 | ---- | C] (Avast Software) -- C:\WINDOWS\SysNative\icarus_rvrt.exe
[2023.01.04 17:36:38 | 000,273,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2023.01.04 17:36:36 | 000,498,992 | ---- | C] (WireGuard LLC) -- C:\WINDOWS\SysNative\drivers\aswWireguard.sys
[2023.01.04 17:28:08 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\Avast Software
[2023.01.04 17:01:53 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\Zemana
[2023.01.04 17:01:24 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\AMSDK
[2023.01.04 16:57:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2023.01.04 16:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\OneKey Optimizer
[2023.01.04 16:45:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2023.01.04 16:45:52 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\Temp
[2023.01.03 20:04:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2023.01.03 17:22:08 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\Adobe
[2023.01.03 17:21:35 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\mbam
[2023.01.03 10:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2023.01.03 10:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft OneDrive
[2023.01.03 10:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2023.01.03 10:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
[2023.01.03 10:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2023.01.03 10:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2023.01.03 10:16:02 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\SaraResults
[2023.01.03 10:01:01 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\SaRALogs
[2023.01.03 09:58:16 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Local\Deployment
[2023.01.03 08:51:25 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2023.01.03 08:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2023.01.03 08:49:31 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Roaming\vlc
[2023.01.03 08:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2023.01.03 08:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2023.01.03 07:18:25 | 000,000,000 | ---D | C] -- C:\Users\893\Documents\AsBuiltData
[2023.01.02 18:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2023.01.02 18:29:35 | 000,039,008 | ---- | C] (Lenovo.) -- C:\WINDOWS\SysNative\drivers\LhdX64.sys
[2023.01.02 18:29:35 | 000,019,872 | ---- | C] (Lenovo (Beijing) Limited) -- C:\WINDOWS\SysNative\LenovoSDKEmSubSystem.dll
[2023.01.02 18:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\TempInst
[2023.01.02 18:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
[2023.01.02 18:18:47 | 000,069,144 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\Fastboot.sys
[2023.01.02 18:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lenovo
[2023.01.02 18:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Lenovo
[2023.01.02 18:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo
[2023.01.02 18:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2023.01.02 18:17:47 | 000,000,000 | ---D | C] -- C:\drivers
[2023.01.01 20:43:43 | 000,000,000 | ---D | C] -- C:\Users\893\Documents\FORScan
[2023.01.01 20:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FORScan
[2023.01.01 20:39:06 | 000,000,000 | ---D | C] -- C:\Users\893\Documents\AdapterFiles
[2023.01.01 20:38:59 | 000,000,000 | ---D | C] -- C:\Users\893\AppData\Roaming\FORScan
[2023.01.01 20:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FORScan
[2022.12.22 22:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2022.12.22 22:19:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cenega Czech
[2022.12.22 21:57:49 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2022.12.22 21:57:49 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll
[2022.12.22 21:57:49 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_7.dll
[2022.12.22 21:57:49 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_7.dll
[2022.12.22 21:57:49 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll
[2022.12.22 21:57:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2022.12.22 21:57:48 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_43.dll
[2022.12.22 21:57:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_43.dll
[2022.12.22 21:57:48 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_43.dll
[2022.12.22 21:57:48 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_43.dll
[2022.12.22 21:57:48 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_43.dll
[2022.12.22 21:57:48 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2022.12.22 21:57:48 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2022.12.22 21:57:48 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2022.12.22 21:57:47 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_43.dll
[2022.12.22 21:57:47 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_6.dll
[2022.12.22 21:57:47 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_6.dll
[2022.12.22 21:57:47 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_6.dll
[2022.12.22 21:57:47 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_6.dll
[2022.12.22 21:57:47 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_4.dll
[2022.12.22 21:57:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_4.dll
[2022.12.22 21:57:46 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_5.dll
[2022.12.22 21:57:46 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_5.dll
[2022.12.22 21:57:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_5.dll
[2022.12.22 21:57:46 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_5.dll
[2022.12.22 21:57:46 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_7.dll
[2022.12.22 21:57:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_7.dll
[2022.12.22 21:57:45 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_42.dll
[2022.12.22 21:57:45 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_42.dll
[2022.12.22 21:57:45 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_42.dll
[2022.12.22 21:57:45 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_42.dll
[2022.12.22 21:57:44 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_42.dll
[2022.12.22 21:57:44 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_42.dll
[2022.12.22 21:57:44 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2022.12.22 21:57:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2022.12.22 21:57:44 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_42.dll
[2022.12.22 21:57:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_42.dll
[2022.12.22 21:57:42 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_3.dll
[2022.12.22 21:57:42 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_3.dll
[2022.12.22 21:57:41 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_3.dll
[2022.12.22 21:57:41 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_3.dll
[2022.12.22 21:57:41 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_2.dll
[2022.12.22 21:57:41 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_2.dll
[2022.12.22 21:57:40 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_2.dll
[2022.12.22 21:57:40 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll
[2022.12.22 21:57:40 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_3.dll
[2022.12.22 21:57:40 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_3.dll
[2022.12.22 21:57:40 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_1.dll
[2022.12.22 21:57:40 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll
[2022.12.22 21:57:40 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_5.dll
[2022.12.22 21:57:40 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_5.dll
[2022.12.22 21:57:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_2.dll
[2022.12.22 21:57:39 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_2.dll
[2022.12.16 14:44:59 | 000,000,000 | -H-D | C] -- C:\$WinREAgent
[2022.12.15 18:22:31 | 004,418,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2022.12.15 18:22:31 | 000,966,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFS.exe
[2022.12.15 18:22:31 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFSR.dll
[2022.12.15 18:22:31 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSE.dll
[2022.12.15 18:22:31 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2022.12.15 18:22:31 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2022.12.15 18:22:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSERES.dll
[2022.12.15 18:22:30 | 005,006,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2022.12.15 18:22:29 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quickassist.exe
[2022.12.15 18:22:24 | 000,961,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2022.12.15 18:22:24 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quickassist.exe
[2022.12.15 18:22:23 | 003,560,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2022.12.15 18:22:23 | 002,341,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2022.12.15 18:22:23 | 002,255,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2022.12.15 18:22:23 | 001,302,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2022.12.15 18:22:23 | 001,136,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2022.12.15 18:22:23 | 001,015,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2022.12.15 18:22:23 | 000,539,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2022.12.15 18:22:21 | 024,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2022.12.15 18:22:20 | 018,767,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2022.12.15 18:22:20 | 002,524,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2022.12.15 18:22:20 | 002,522,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2022.12.15 18:22:20 | 002,454,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2022.12.15 18:22:20 | 000,944,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2022.12.15 18:22:19 | 004,799,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2022.12.15 18:22:19 | 001,957,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2022.12.15 18:22:19 | 001,645,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Uev.AppAgent.dll
[2022.12.15 18:22:19 | 001,504,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2022.12.15 18:22:19 | 001,353,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2022.12.15 18:22:19 | 000,531,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2022.12.15 18:22:19 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Uev.Office2013CustomActions.dll
[2022.12.15 18:22:19 | 000,160,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvsigpext.dll
[2022.12.15 18:22:19 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsdefenderapplicationguardcsp.dll
[2022.12.15 18:22:18 | 002,404,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.AppAgent.dll
[2022.12.15 18:22:18 | 002,221,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppAgent.dll
[2022.12.15 18:22:18 | 002,024,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystems64.dll
[2022.12.15 18:22:18 | 001,260,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystemController.dll
[2022.12.15 18:22:18 | 001,220,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AgentService.exe
[2022.12.15 18:22:18 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CommonBridge.dll
[2022.12.15 18:22:18 | 000,771,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2022.12.15 18:22:18 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.Office2013CustomActions.dll
[2022.12.15 18:22:18 | 000,161,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvsievaluator.exe
[2022.12.15 18:22:17 | 000,444,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fclip.exe
[2022.12.15 18:22:16 | 001,537,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2022.12.15 18:22:16 | 001,345,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2022.12.15 18:22:16 | 000,408,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2022.12.15 18:22:15 | 005,820,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2022.12.15 18:22:13 | 019,866,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2022.12.15 18:22:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmsynth.dll
[2022.12.15 18:22:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmusic.dll
[2022.12.15 18:22:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmloader.dll
[2022.12.15 18:22:13 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dswave.dll
[2022.12.15 18:22:06 | 002,024,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2022.12.15 18:22:06 | 001,953,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2022.12.15 18:22:06 | 001,763,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2022.12.15 18:22:06 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2022.12.15 18:22:06 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2022.12.15 18:22:06 | 000,387,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2022.12.15 18:22:06 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wslapi.dll
[2022.12.15 18:22:06 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2022.12.15 18:22:06 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsl.exe
[2022.12.15 18:22:06 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetppui.dll
[2022.12.15 18:22:06 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnpinst.exe
[2022.12.15 18:22:02 | 026,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2022.12.15 18:22:02 | 001,129,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2022.12.15 18:22:02 | 000,678,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2022.12.15 18:22:02 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosettings.dll
[2022.12.15 18:22:02 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmdevicehost.dll
[2022.12.15 18:22:02 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmusic.dll
[2022.12.15 18:22:02 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmsynth.dll
[2022.12.15 18:22:02 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmloader.dll
[2022.12.15 18:22:02 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dswave.dll
[2022.12.15 18:22:00 | 001,572,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2022.12.15 18:22:00 | 001,300,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2022.12.15 18:22:00 | 000,810,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2022.12.15 18:22:00 | 000,419,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2022.12.15 18:22:00 | 000,415,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2022.12.15 18:22:00 | 000,307,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2022.12.15 18:22:00 | 000,224,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2022.12.15 18:22:00 | 000,119,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2022.12.15 18:22:00 | 000,096,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2022.12.15 18:22:00 | 000,022,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2022.12.15 18:21:59 | 008,896,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2022.12.15 18:21:59 | 001,831,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2022.12.15 18:21:59 | 001,009,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2022.12.15 18:21:59 | 000,908,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2022.12.15 18:21:59 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2022.12.15 18:21:59 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2022.12.15 18:21:59 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netjoin.dll
[2022.12.15 18:21:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.exe
[2022.12.15 18:21:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndadmin.exe
[2022.12.15 18:21:59 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2022.12.15 18:21:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2022.12.15 18:21:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2022.12.15 18:21:58 | 002,636,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2022.12.15 18:21:58 | 000,897,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2022.12.15 18:21:58 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2022.12.15 18:21:58 | 000,706,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2022.12.15 18:21:58 | 000,533,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2022.12.15 18:21:58 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2022.12.15 18:21:58 | 000,483,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2022.12.15 18:21:58 | 000,411,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2022.12.15 18:21:58 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2022.12.15 18:21:58 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppLockerCSP.dll
[2022.12.15 18:21:58 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2022.12.15 18:21:58 | 000,202,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2022.12.15 18:21:58 | 000,196,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2022.12.15 18:21:58 | 000,183,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.V2.dll
[2022.12.15 18:21:58 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgcore.dll
[2022.12.15 18:21:58 | 000,154,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2022.12.15 18:21:58 | 000,152,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2022.12.15 18:21:58 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneSettingsClient.dll
[2022.12.15 18:21:58 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srpapi.dll
[2022.12.15 18:21:58 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2022.12.15 18:21:58 | 000,060,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
[2022.12.15 18:21:58 | 000,059,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\virtdisk.dll
[2022.12.15 18:21:58 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2022.12.15 18:21:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2022.12.15 18:21:58 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCShellCommonProxyStub.dll
[2022.12.15 18:21:58 | 000,021,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2022.12.15 18:21:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appidtel.exe
[2022.12.15 18:21:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EnterpriseAppMgmtClient.dll
[2022.12.15 18:21:57 | 003,927,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2022.12.15 18:21:57 | 002,753,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2022.12.15 18:21:57 | 001,083,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2022.12.15 18:21:57 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2022.12.15 18:21:57 | 000,319,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2022.12.15 18:21:57 | 000,190,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2022.12.15 18:21:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2022.12.15 18:21:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tzautoupdate.dll
[2022.12.15 18:21:57 | 000,093,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2022.12.15 18:21:56 | 006,920,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2022.12.15 18:21:56 | 006,373,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2022.12.15 18:21:56 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2022.12.15 18:21:56 | 001,862,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2022.12.15 18:21:56 | 001,015,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2022.12.15 18:21:56 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2022.12.15 18:21:56 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022.12.15 18:21:50 | 001,375,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdprt.dll
[2022.12.15 18:21:50 | 001,117,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2022.12.15 18:21:50 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2022.12.15 18:21:50 | 000,721,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.dll
[2022.12.15 18:21:50 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2022.12.15 18:21:50 | 000,294,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2022.12.15 18:21:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.HostName.dll
[2022.12.15 18:21:50 | 000,062,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2022.12.15 18:21:50 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2022.12.15 18:21:49 | 014,770,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2022.12.15 18:21:49 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2022.12.15 18:21:49 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2022.12.15 18:21:49 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2022.12.15 18:21:48 | 004,514,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2022.12.15 18:21:48 | 001,332,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2022.12.15 18:21:48 | 000,943,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2022.12.15 18:21:48 | 000,783,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2022.12.15 18:21:48 | 000,773,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2022.12.15 18:21:48 | 000,754,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FlightSettings.dll
[2022.12.15 18:21:48 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2022.12.15 18:21:48 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShellCommonCommonProxyStub.dll
[2022.12.15 18:21:48 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingDiagSpp.dll
[2022.12.15 18:21:48 | 000,336,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2022.12.15 18:21:48 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2022.12.15 18:21:48 | 000,070,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iumcrypt.dll
[2022.12.15 18:21:48 | 000,063,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sfc_os.dll
[2022.12.15 18:21:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2022.12.15 18:21:47 | 006,191,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2022.12.15 18:21:47 | 003,966,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2022.12.15 18:21:47 | 002,242,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2022.12.15 18:21:47 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2022.12.15 18:21:47 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2022.12.15 18:21:47 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.exe
[2022.12.15 18:21:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndadmin.exe
[2022.12.15 18:21:47 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2022.12.15 18:21:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2022.12.15 18:21:47 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2022.12.15 18:21:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsunattend.exe
[2022.12.15 18:21:46 | 003,922,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2022.12.15 18:21:46 | 002,465,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2022.12.15 18:21:46 | 001,772,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2022.12.15 18:21:46 | 001,289,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2022.12.15 18:21:46 | 001,214,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2022.12.15 18:21:46 | 001,005,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2022.12.15 18:21:46 | 000,382,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2022.12.15 18:21:46 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2022.12.15 18:21:46 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netjoin.dll
[2022.12.15 18:21:46 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2022.12.15 18:21:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2022.12.15 18:21:45 | 002,380,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2022.12.15 18:21:45 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2022.12.15 18:21:45 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFramework.dll
[2022.12.15 18:21:45 | 001,874,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2022.12.15 18:21:45 | 001,752,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2022.12.15 18:21:45 | 001,092,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2022.12.15 18:21:45 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2022.12.15 18:21:45 | 000,791,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcsvc.dll
[2022.12.15 18:21:45 | 000,695,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxs.dll
[2022.12.15 18:21:45 | 000,648,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2022.12.15 18:21:45 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2022.12.15 18:21:45 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingDiagSpp.dll
[2022.12.15 18:21:45 | 000,363,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2022.12.15 18:21:45 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2022.12.15 18:21:45 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2022.12.15 18:21:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2022.12.15 18:21:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2022.12.15 18:21:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\declaredconfiguration.dll
[2022.12.15 18:21:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d8thk.dll
[2022.12.15 18:21:44 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2022.12.15 18:21:43 | 000,521,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2022.12.15 18:21:43 | 000,503,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2022.12.15 18:21:43 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2022.12.15 18:21:42 | 002,964,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2022.12.15 18:21:41 | 010,855,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2022.12.15 18:21:41 | 000,930,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2022.12.15 18:21:41 | 000,889,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2022.12.15 18:21:41 | 000,570,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2022.12.15 18:21:41 | 000,489,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2022.12.15 18:21:41 | 000,420,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2022.12.15 18:21:41 | 000,272,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2022.12.15 18:21:41 | 000,254,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2022.12.15 18:21:41 | 000,229,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe

[buripe]

[2022.12.15 18:21:41 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgcore.dll
[2022.12.15 18:21:41 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneSettingsClient.dll
[2022.12.15 18:21:41 | 000,172,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2022.12.15 18:21:41 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2022.12.15 18:21:41 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2022.12.15 18:21:41 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2022.12.15 18:21:41 | 000,025,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2022.12.15 18:21:41 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmsgapi.dll
[2022.12.15 18:21:35 | 001,395,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2022.12.15 18:21:35 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2022.12.15 18:21:34 | 003,576,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2022.12.15 18:21:34 | 003,507,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2022.12.15 18:21:34 | 001,830,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2022.12.15 18:21:34 | 001,562,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2022.12.15 18:21:34 | 001,221,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2022.12.15 18:21:34 | 000,929,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2022.12.15 18:21:34 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2022.12.15 18:21:34 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppLockerCSP.dll
[2022.12.15 18:21:34 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll
[2022.12.15 18:21:34 | 000,193,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2022.12.15 18:21:34 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srpapi.dll
[2022.12.15 18:21:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidtel.exe
[2022.12.15 18:21:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\applockerfltr.sys
[2022.12.15 18:21:33 | 006,424,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2022.12.15 18:21:32 | 004,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2022.12.15 18:21:32 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2022.12.15 18:21:32 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2022.12.15 18:21:32 | 000,966,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2022.12.15 18:21:32 | 000,717,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2022.12.15 18:21:32 | 000,692,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2022.12.15 18:21:32 | 000,646,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2022.12.15 18:21:32 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2022.12.15 18:21:32 | 000,522,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2022.12.15 18:21:32 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2022.12.15 18:21:32 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2022.12.15 18:21:32 | 000,230,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe
[2022.12.15 18:21:32 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2022.12.15 18:21:32 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2022.12.15 18:21:32 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2022.12.15 18:21:32 | 000,082,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2022.12.15 18:21:32 | 000,069,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\virtdisk.dll
[2022.12.15 18:21:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2022.12.15 18:21:32 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCShellCommonProxyStub.dll
[2022.12.15 18:21:31 | 003,811,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2022.12.15 18:21:31 | 001,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2022.12.15 18:21:31 | 001,414,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2022.12.15 18:21:31 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2022.12.15 18:21:31 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2022.12.15 18:21:31 | 000,570,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2022.12.15 18:21:31 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2022.12.15 18:21:31 | 000,221,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2022.12.15 18:21:31 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2022.12.15 18:21:31 | 000,133,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2022.12.15 18:21:31 | 000,072,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2022.12.15 18:21:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2022.12.15 18:21:30 | 007,978,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2022.12.15 18:21:30 | 001,378,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2022.12.15 18:21:30 | 000,422,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2022.12.15 18:21:30 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2022.12.15 18:21:29 | 003,182,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2022.12.15 18:21:29 | 002,632,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2022.12.15 18:21:29 | 002,459,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2022.12.15 18:21:29 | 002,250,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2022.12.15 18:21:29 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2022.12.15 18:21:29 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2022.12.15 18:21:29 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2022.12.15 18:21:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2022.12.15 18:21:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2022.12.15 18:21:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapihost.exe
[2022.12.15 18:21:28 | 009,037,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2022.12.15 18:21:28 | 003,749,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2022.12.15 18:21:28 | 002,892,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2022.12.15 18:21:28 | 001,503,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2022.12.15 18:21:28 | 000,978,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2022.12.15 18:21:28 | 000,902,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2022.12.15 18:21:28 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2022.12.15 18:21:28 | 000,456,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2022.12.15 18:21:28 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2022.12.15 18:21:28 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2022.12.15 18:21:28 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022.12.15 18:21:27 | 008,233,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2022.12.15 18:21:27 | 001,191,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2022.12.15 18:21:27 | 001,119,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2022.12.15 18:21:27 | 001,104,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2022.12.15 18:21:27 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2022.12.15 18:21:27 | 000,410,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2022.12.15 18:21:27 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licensingdiag.exe
[2022.12.15 18:21:27 | 000,242,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2022.12.15 18:21:27 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.HostName.dll
[2022.12.15 18:21:27 | 000,187,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Clipc.dll
[2022.12.15 18:21:27 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2022.12.15 18:21:27 | 000,134,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oemlicense.dll
[2022.12.15 18:21:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2022.12.15 18:21:26 | 002,389,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2022.12.15 18:21:26 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.3D.dll
[2022.12.15 18:21:26 | 002,009,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2022.12.15 18:21:26 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll
[2022.12.15 18:21:26 | 001,420,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2022.12.15 18:21:26 | 001,119,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2022.12.15 18:21:26 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2022.12.15 18:21:26 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2022.12.15 18:21:26 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2022.12.15 18:21:26 | 000,072,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2022.12.15 18:21:25 | 010,349,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2022.12.15 18:21:25 | 000,862,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2022.12.15 18:21:25 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.Schema.Shell.dll
[2022.12.15 18:21:25 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellCommonCommonProxyStub.dll
[2022.12.15 18:21:20 | 005,141,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2022.12.15 18:21:20 | 001,335,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2022.12.15 18:21:20 | 001,283,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2022.12.15 18:21:20 | 001,175,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2022.12.15 18:21:20 | 000,967,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2022.12.15 18:21:20 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2022.12.15 18:21:20 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2022.12.15 18:21:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2022.12.15 18:21:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrinterCleanupTask.dll
[2022.12.15 18:21:20 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2022.12.15 18:21:20 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2022.12.15 18:21:19 | 001,788,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2022.12.15 18:21:19 | 001,580,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2022.12.15 18:21:19 | 001,568,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2022.12.15 18:21:19 | 001,543,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskFlowDataEngine.dll
[2022.12.15 18:21:19 | 000,940,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2022.12.15 18:21:19 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2022.12.15 18:21:19 | 000,781,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2022.12.15 18:21:19 | 000,726,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2022.12.15 18:21:19 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2022.12.15 18:21:19 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.ModernDeployment.ConfigProviders.dll
[2022.12.15 18:21:19 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppListBackupLauncher.dll
[2022.12.15 18:21:19 | 000,084,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsManagementServiceWinRt.ProxyStub.dll
[2022.12.15 18:21:19 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2022.12.15 18:21:19 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2022.12.15 18:21:17 | 000,642,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Vid.sys
[2022.12.15 18:21:16 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2022.12.15 18:21:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2022.12.14 13:14:00 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2022.12.14 13:13:59 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2022.12.14 12:11:51 | 000,212,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2023.01.08 11:19:23 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2023.01.08 11:15:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\893\Desktop\OTL.exe
[2023.01.08 11:10:49 | 1659,097,088 | -HS- | M] () -- C:\hiberfil.sys
[2023.01.07 22:53:12 | 001,693,136 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2023.01.07 22:53:12 | 000,717,980 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2023.01.07 22:53:12 | 000,701,564 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2023.01.07 22:53:12 | 000,145,122 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2023.01.07 22:53:12 | 000,133,406 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2023.01.07 22:48:37 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2023.01.07 22:31:26 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2023.01.07 20:14:58 | 000,439,728 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2023.01.04 19:57:07 | 001,944,234 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2023.01.04 17:38:14 | 000,124,952 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\netfilter2.sys
[2023.01.04 17:37:54 | 000,038,616 | ---- | M] (Avast Software) -- C:\WINDOWS\SysNative\icarus_rvrt.exe
[2023.01.04 17:36:57 | 000,002,169 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk
[2023.01.04 17:36:36 | 000,498,992 | ---- | M] (WireGuard LLC) -- C:\WINDOWS\SysNative\drivers\aswWireguard.sys
[2023.01.04 17:36:28 | 000,065,944 | ---- | M] (Avast Software) -- C:\WINDOWS\SysNative\drivers\aswVpnRdr.sys
[2023.01.04 17:22:03 | 000,473,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2023.01.04 17:22:03 | 000,185,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdDevFlt.sys
[2023.01.04 17:22:03 | 000,099,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2023.01.04 17:22:03 | 000,049,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2023.01.04 16:17:15 | 000,000,841 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2023.01.03 10:42:52 | 000,002,483 | ---- | M] () -- C:\Users\893\Desktop\Excel.lnk
[2023.01.03 10:42:42 | 000,002,511 | ---- | M] () -- C:\Users\893\Desktop\Word.lnk
[2023.01.02 18:29:16 | 001,511,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WudfUpdate_01011.dll
[2023.01.02 18:29:16 | 000,066,560 | ---- | M] (Lenovo) -- C:\WINDOWS\SysNative\drivers\UMDF\LenovoVhid.dll
[2023.01.02 18:29:15 | 000,019,872 | ---- | M] (Lenovo (Beijing) Limited) -- C:\WINDOWS\SysNative\LenovoSDKEmSubSystem.dll
[2023.01.02 18:29:10 | 000,039,008 | ---- | M] (Lenovo.) -- C:\WINDOWS\SysNative\drivers\LhdX64.sys
[2023.01.02 18:18:48 | 629,145,600 | -HS- | M] () -- C:\WINDOWS\lenovo_fastboot.img
[2023.01.01 20:39:06 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\FORScan.lnk
[2022.12.31 11:13:36 | 006,438,983 | ---- | M] () -- C:\Users\893\Desktop\Mazda6_Návod_k_obsluze.pdf
[2022.12.22 23:28:50 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\Mafia.lnk
[2022.12.22 13:09:53 | 000,262,787 | ---- | M] () -- C:\Users\893\Desktop\448FD187-3342-4889-A9EE-3CA5424CF570.jpeg
[2022.12.15 18:22:31 | 004,418,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2022.12.15 18:22:31 | 000,966,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFS.exe
[2022.12.15 18:22:31 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFSR.dll
[2022.12.15 18:22:31 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSE.dll
[2022.12.15 18:22:31 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2022.12.15 18:22:31 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2022.12.15 18:22:31 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSERES.dll
[2022.12.15 18:22:30 | 005,006,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2022.12.15 18:22:29 | 000,768,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quickassist.exe
[2022.12.15 18:22:24 | 000,961,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2022.12.15 18:22:24 | 000,958,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quickassist.exe
[2022.12.15 18:22:23 | 024,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2022.12.15 18:22:23 | 003,560,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2022.12.15 18:22:23 | 002,341,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2022.12.15 18:22:23 | 002,255,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2022.12.15 18:22:23 | 001,302,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2022.12.15 18:22:23 | 001,136,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2022.12.15 18:22:23 | 001,015,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2022.12.15 18:22:23 | 000,539,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2022.12.15 18:22:21 | 018,767,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2022.12.15 18:22:20 | 002,524,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2022.12.15 18:22:20 | 002,522,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2022.12.15 18:22:20 | 002,454,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2022.12.15 18:22:20 | 001,353,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2022.12.15 18:22:20 | 000,944,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2022.12.15 18:22:19 | 004,799,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2022.12.15 18:22:19 | 001,957,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2022.12.15 18:22:19 | 001,645,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Uev.AppAgent.dll
[2022.12.15 18:22:19 | 001,504,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2022.12.15 18:22:19 | 000,531,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2022.12.15 18:22:19 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Uev.Office2013CustomActions.dll
[2022.12.15 18:22:19 | 000,161,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvsievaluator.exe
[2022.12.15 18:22:19 | 000,160,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvsigpext.dll
[2022.12.15 18:22:19 | 000,084,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsdefenderapplicationguardcsp.dll
[2022.12.15 18:22:18 | 002,404,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.AppAgent.dll
[2022.12.15 18:22:18 | 002,221,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.ModernAppAgent.dll
[2022.12.15 18:22:18 | 002,024,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystems64.dll
[2022.12.15 18:22:18 | 001,260,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystemController.dll
[2022.12.15 18:22:18 | 001,220,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AgentService.exe
[2022.12.15 18:22:18 | 001,217,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.CommonBridge.dll
[2022.12.15 18:22:18 | 000,771,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2022.12.15 18:22:18 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.Office2013CustomActions.dll
[2022.12.15 18:22:17 | 000,444,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fclip.exe
[2022.12.15 18:22:16 | 005,820,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2022.12.15 18:22:16 | 001,537,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2022.12.15 18:22:16 | 001,345,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2022.12.15 18:22:16 | 000,408,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2022.12.15 18:22:14 | 019,866,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2022.12.15 18:22:13 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmsynth.dll
[2022.12.15 18:22:13 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmusic.dll
[2022.12.15 18:22:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmloader.dll
[2022.12.15 18:22:13 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dswave.dll
[2022.12.15 18:22:06 | 002,024,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2022.12.15 18:22:06 | 001,953,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2022.12.15 18:22:06 | 001,763,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2022.12.15 18:22:06 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2022.12.15 18:22:06 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2022.12.15 18:22:06 | 000,387,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2022.12.15 18:22:06 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wslapi.dll
[2022.12.15 18:22:06 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2022.12.15 18:22:06 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsl.exe
[2022.12.15 18:22:06 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetppui.dll
[2022.12.15 18:22:06 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnpinst.exe
[2022.12.15 18:22:04 | 026,270,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2022.12.15 18:22:02 | 001,129,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2022.12.15 18:22:02 | 000,678,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2022.12.15 18:22:02 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosettings.dll
[2022.12.15 18:22:02 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmdevicehost.dll
[2022.12.15 18:22:02 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmusic.dll
[2022.12.15 18:22:02 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmsynth.dll
[2022.12.15 18:22:02 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmloader.dll
[2022.12.15 18:22:02 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dswave.dll
[2022.12.15 18:22:00 | 001,572,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2022.12.15 18:22:00 | 001,300,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2022.12.15 18:22:00 | 000,810,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2022.12.15 18:22:00 | 000,419,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2022.12.15 18:22:00 | 000,415,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2022.12.15 18:22:00 | 000,307,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2022.12.15 18:22:00 | 000,224,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2022.12.15 18:22:00 | 000,119,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2022.12.15 18:22:00 | 000,096,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2022.12.15 18:22:00 | 000,022,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2022.12.15 18:22:00 | 000,012,367 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022.12.15 18:21:59 | 008,896,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2022.12.15 18:21:59 | 001,831,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2022.12.15 18:21:59 | 001,009,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2022.12.15 18:21:59 | 000,908,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2022.12.15 18:21:59 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2022.12.15 18:21:59 | 000,533,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2022.12.15 18:21:59 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2022.12.15 18:21:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netjoin.dll
[2022.12.15 18:21:59 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.exe
[2022.12.15 18:21:59 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndadmin.exe
[2022.12.15 18:21:59 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2022.12.15 18:21:59 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2022.12.15 18:21:59 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2022.12.15 18:21:58 | 002,753,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2022.12.15 18:21:58 | 002,636,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2022.12.15 18:21:58 | 000,897,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2022.12.15 18:21:58 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2022.12.15 18:21:58 | 000,706,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2022.12.15 18:21:58 | 000,508,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2022.12.15 18:21:58 | 000,483,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2022.12.15 18:21:58 | 000,411,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2022.12.15 18:21:58 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2022.12.15 18:21:58 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppLockerCSP.dll
[2022.12.15 18:21:58 | 000,236,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2022.12.15 18:21:58 | 000,202,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2022.12.15 18:21:58 | 000,196,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2022.12.15 18:21:58 | 000,183,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.V2.dll
[2022.12.15 18:21:58 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgcore.dll
[2022.12.15 18:21:58 | 000,154,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2022.12.15 18:21:58 | 000,152,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2022.12.15 18:21:58 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneSettingsClient.dll
[2022.12.15 18:21:58 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srpapi.dll
[2022.12.15 18:21:58 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2022.12.15 18:21:58 | 000,060,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
[2022.12.15 18:21:58 | 000,059,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\virtdisk.dll
[2022.12.15 18:21:58 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2022.12.15 18:21:58 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2022.12.15 18:21:58 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCShellCommonProxyStub.dll
[2022.12.15 18:21:58 | 000,021,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2022.12.15 18:21:58 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appidtel.exe
[2022.12.15 18:21:58 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EnterpriseAppMgmtClient.dll
[2022.12.15 18:21:57 | 006,373,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2022.12.15 18:21:57 | 003,927,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2022.12.15 18:21:57 | 001,083,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2022.12.15 18:21:57 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2022.12.15 18:21:57 | 000,319,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2022.12.15 18:21:57 | 000,190,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2022.12.15 18:21:57 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2022.12.15 18:21:57 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tzautoupdate.dll
[2022.12.15 18:21:57 | 000,093,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2022.12.15 18:21:56 | 006,920,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2022.12.15 18:21:56 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2022.12.15 18:21:56 | 001,862,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2022.12.15 18:21:56 | 001,015,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2022.12.15 18:21:56 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2022.12.15 18:21:56 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022.12.15 18:21:50 | 014,770,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2022.12.15 18:21:50 | 001,375,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdprt.dll
[2022.12.15 18:21:50 | 001,117,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2022.12.15 18:21:50 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2022.12.15 18:21:50 | 000,721,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.dll
[2022.12.15 18:21:50 | 000,565,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2022.12.15 18:21:50 | 000,294,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2022.12.15 18:21:50 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.HostName.dll
[2022.12.15 18:21:50 | 000,062,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2022.12.15 18:21:50 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2022.12.15 18:21:49 | 004,749,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2022.12.15 18:21:49 | 000,943,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2022.12.15 18:21:49 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2022.12.15 18:21:49 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2022.12.15 18:21:48 | 004,514,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2022.12.15 18:21:48 | 001,332,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2022.12.15 18:21:48 | 000,783,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2022.12.15 18:21:48 | 000,773,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2022.12.15 18:21:48 | 000,754,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FlightSettings.dll
[2022.12.15 18:21:48 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2022.12.15 18:21:48 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShellCommonCommonProxyStub.dll
[2022.12.15 18:21:48 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingDiagSpp.dll
[2022.12.15 18:21:48 | 000,336,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2022.12.15 18:21:48 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2022.12.15 18:21:48 | 000,070,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iumcrypt.dll
[2022.12.15 18:21:48 | 000,063,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sfc_os.dll
[2022.12.15 18:21:48 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2022.12.15 18:21:47 | 006,191,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2022.12.15 18:21:47 | 003,966,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2022.12.15 18:21:47 | 002,242,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2022.12.15 18:21:47 | 001,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2022.12.15 18:21:47 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2022.12.15 18:21:47 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2022.12.15 18:21:47 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.exe
[2022.12.15 18:21:47 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndadmin.exe
[2022.12.15 18:21:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2022.12.15 18:21:47 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2022.12.15 18:21:47 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2022.12.15 18:21:47 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsunattend.exe
[2022.12.15 18:21:46 | 003,922,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2022.12.15 18:21:46 | 002,465,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2022.12.15 18:21:46 | 001,772,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2022.12.15 18:21:46 | 001,289,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2022.12.15 18:21:46 | 001,214,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2022.12.15 18:21:46 | 000,382,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2022.12.15 18:21:46 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2022.12.15 18:21:46 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netjoin.dll
[2022.12.15 18:21:46 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2022.12.15 18:21:46 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2022.12.15 18:21:45 | 002,380,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2022.12.15 18:21:45 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2022.12.15 18:21:45 | 002,028,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFramework.dll
[2022.12.15 18:21:45 | 001,874,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2022.12.15 18:21:45 | 001,752,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2022.12.15 18:21:45 | 001,092,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2022.12.15 18:21:45 | 000,858,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2022.12.15 18:21:45 | 000,791,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcsvc.dll
[2022.12.15 18:21:45 | 000,695,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxs.dll
[2022.12.15 18:21:45 | 000,648,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2022.12.15 18:21:45 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2022.12.15 18:21:45 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingDiagSpp.dll
[2022.12.15 18:21:45 | 000,363,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2022.12.15 18:21:45 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2022.12.15 18:21:45 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2022.12.15 18:21:45 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2022.12.15 18:21:45 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2022.12.15 18:21:45 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\declaredconfiguration.dll
[2022.12.15 18:21:45 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d8thk.dll
[2022.12.15 18:21:44 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2022.12.15 18:21:43 | 002,964,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2022.12.15 18:21:43 | 000,521,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2022.12.15 18:21:43 | 000,503,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2022.12.15 18:21:43 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2022.12.15 18:21:42 | 010,855,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2022.12.15 18:21:41 | 000,930,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2022.12.15 18:21:41 | 000,889,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2022.12.15 18:21:41 | 000,570,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2022.12.15 18:21:41 | 000,489,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2022.12.15 18:21:41 | 000,420,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2022.12.15 18:21:41 | 000,272,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2022.12.15 18:21:41 | 000,254,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2022.12.15 18:21:41 | 000,229,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2022.12.15 18:21:41 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgcore.dll
[2022.12.15 18:21:41 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneSettingsClient.dll
[2022.12.15 18:21:41 | 000,172,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2022.12.15 18:21:41 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2022.12.15 18:21:41 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2022.12.15 18:21:41 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2022.12.15 18:21:41 | 000,025,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2022.12.15 18:21:41 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmsgapi.dll
[2022.12.15 18:21:35 | 003,507,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2022.12.15 18:21:35 | 001,395,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2022.12.15 18:21:35 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2022.12.15 18:21:34 | 003,576,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2022.12.15 18:21:34 | 001,830,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2022.12.15 18:21:34 | 001,562,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2022.12.15 18:21:34 | 001,221,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2022.12.15 18:21:34 | 000,929,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2022.12.15 18:21:34 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2022.12.15 18:21:34 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppLockerCSP.dll
[2022.12.15 18:21:34 | 000,379,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll
[2022.12.15 18:21:34 | 000,193,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2022.12.15 18:21:34 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srpapi.dll
[2022.12.15 18:21:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidtel.exe
[2022.12.15 18:21:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\applockerfltr.sys
[2022.12.15 18:21:33 | 006,424,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2022.12.15 18:21:33 | 004,011,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2022.12.15 18:21:32 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2022.12.15 18:21:32 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2022.12.15 18:21:32 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2022.12.15 18:21:32 | 000,966,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2022.12.15 18:21:32 | 000,717,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2022.12.15 18:21:32 | 000,692,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2022.12.15 18:21:32 | 000,646,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2022.12.15 18:21:32 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2022.12.15 18:21:32 | 000,522,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2022.12.15 18:21:32 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2022.12.15 18:21:32 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2022.12.15 18:21:32 | 000,230,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe
[2022.12.15 18:21:32 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2022.12.15 18:21:32 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2022.12.15 18:21:32 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2022.12.15 18:21:32 | 000,082,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2022.12.15 18:21:32 | 000,069,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\virtdisk.dll
[2022.12.15 18:21:32 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2022.12.15 18:21:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCShellCommonProxyStub.dll
[2022.12.15 18:21:31 | 003,811,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2022.12.15 18:21:31 | 001,709,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2022.12.15 18:21:31 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2022.12.15 18:21:31 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2022.12.15 18:21:31 | 000,570,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2022.12.15 18:21:31 | 000,336,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2022.12.15 18:21:31 | 000,221,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2022.12.15 18:21:31 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2022.12.15 18:21:31 | 000,133,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2022.12.15 18:21:31 | 000,072,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2022.12.15 18:21:31 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2022.12.15 18:21:30 | 007,978,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2022.12.15 18:21:30 | 001,378,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2022.12.15 18:21:30 | 000,422,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2022.12.15 18:21:30 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2022.12.15 18:21:29 | 009,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2022.12.15 18:21:29 | 003,182,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2022.12.15 18:21:29 | 002,632,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2022.12.15 18:21:29 | 002,459,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2022.12.15 18:21:29 | 002,250,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2022.12.15 18:21:29 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2022.12.15 18:21:29 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2022.12.15 18:21:29 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2022.12.15 18:21:29 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2022.12.15 18:21:29 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2022.12.15 18:21:29 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapihost.exe
[2022.12.15 18:21:28 | 003,749,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2022.12.15 18:21:28 | 002,892,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2022.12.15 18:21:28 | 001,503,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2022.12.15 18:21:28 | 000,978,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2022.12.15 18:21:28 | 000,902,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2022.12.15 18:21:28 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2022.12.15 18:21:28 | 000,456,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2022.12.15 18:21:28 | 000,267,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2022.12.15 18:21:28 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2022.12.15 18:21:28 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022.12.15 18:21:27 | 008,233,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2022.12.15 18:21:27 | 001,191,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2022.12.15 18:21:27 | 001,119,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2022.12.15 18:21:27 | 001,104,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2022.12.15 18:21:27 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2022.12.15 18:21:27 | 000,410,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2022.12.15 18:21:27 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licensingdiag.exe
[2022.12.15 18:21:27 | 000,242,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2022.12.15 18:21:27 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.HostName.dll
[2022.12.15 18:21:27 | 000,187,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Clipc.dll
[2022.12.15 18:21:27 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2022.12.15 18:21:27 | 000,134,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oemlicense.dll
[2022.12.15 18:21:27 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2022.12.15 18:21:26 | 010,349,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2022.12.15 18:21:26 | 002,389,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2022.12.15 18:21:26 | 002,308,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.3D.dll
[2022.12.15 18:21:26 | 002,009,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2022.12.15 18:21:26 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll
[2022.12.15 18:21:26 | 001,420,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2022.12.15 18:21:26 | 001,119,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2022.12.15 18:21:26 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2022.12.15 18:21:26 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2022.12.15 18:21:26 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2022.12.15 18:21:26 | 000,072,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2022.12.15 18:21:25 | 000,862,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2022.12.15 18:21:25 | 000,838,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.Schema.Shell.dll
[2022.12.15 18:21:25 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellCommonCommonProxyStub.dll
[2022.12.15 18:21:20 | 005,141,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2022.12.15 18:21:20 | 001,335,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2022.12.15 18:21:20 | 001,283,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2022.12.15 18:21:20 | 001,175,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2022.12.15 18:21:20 | 000,967,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2022.12.15 18:21:20 | 000,940,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2022.12.15 18:21:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2022.12.15 18:21:20 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2022.12.15 18:21:20 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2022.12.15 18:21:20 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrinterCleanupTask.dll

[buripe]

[2022.12.15 18:21:20 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2022.12.15 18:21:20 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2022.12.15 18:21:19 | 001,788,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2022.12.15 18:21:19 | 001,580,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2022.12.15 18:21:19 | 001,568,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2022.12.15 18:21:19 | 001,543,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskFlowDataEngine.dll
[2022.12.15 18:21:19 | 000,852,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2022.12.15 18:21:19 | 000,781,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2022.12.15 18:21:19 | 000,726,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2022.12.15 18:21:19 | 000,297,472 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022.12.15 18:21:19 | 000,203,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2022.12.15 18:21:19 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.ModernDeployment.ConfigProviders.dll
[2022.12.15 18:21:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppListBackupLauncher.dll
[2022.12.15 18:21:19 | 000,084,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsManagementServiceWinRt.ProxyStub.dll
[2022.12.15 18:21:19 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2022.12.15 18:21:19 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2022.12.15 18:21:17 | 000,642,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Vid.sys
[2022.12.15 18:21:16 | 003,014,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2022.12.15 18:21:16 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2022.12.15 18:21:15 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2022.12.14 12:12:32 | 000,391,272 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsdriver.sys
[2022.12.14 12:11:30 | 000,318,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2022.12.14 12:11:28 | 000,297,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsh.sys
[2022.12.14 12:11:28 | 000,212,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2022.12.14 12:11:28 | 000,095,960 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbuniv.sys
[2022.12.14 12:11:26 | 000,695,496 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2022.12.14 12:11:26 | 000,555,560 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNetHub.sys
[2022.12.14 12:11:26 | 000,267,888 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2022.12.14 12:11:26 | 000,105,248 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2022.12.14 12:11:26 | 000,080,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2022.12.14 12:11:26 | 000,039,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2022.12.14 12:11:20 | 000,273,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2022.12.14 12:11:09 | 000,229,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArPot.sys
[2022.12.14 12:11:08 | 000,852,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2023.01.07 22:31:26 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2023.01.07 20:14:53 | 000,439,728 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2023.01.04 17:38:31 | 000,002,402 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast AntiTrack Premium.lnk
[2023.01.04 17:37:42 | 000,002,125 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
[2023.01.04 17:36:57 | 000,002,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk
[2023.01.04 17:36:57 | 000,002,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
[2023.01.04 17:36:54 | 000,002,088 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
[2023.01.04 17:01:52 | 001,944,234 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2023.01.04 16:45:53 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2023.01.03 10:42:52 | 000,002,483 | ---- | C] () -- C:\Users\893\Desktop\Excel.lnk
[2023.01.03 10:42:42 | 000,002,511 | ---- | C] () -- C:\Users\893\Desktop\Word.lnk
[2023.01.03 10:35:26 | 000,002,130 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2023.01.03 10:33:56 | 000,002,517 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
[2023.01.03 10:33:56 | 000,002,511 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
[2023.01.03 10:33:56 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
[2023.01.03 10:33:56 | 000,002,483 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
[2023.01.03 10:33:56 | 000,002,444 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
[2023.01.03 10:33:56 | 000,002,409 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
[2023.01.03 10:33:56 | 000,002,405 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
[2023.01.02 18:18:48 | 629,145,600 | -HS- | C] () -- C:\WINDOWS\lenovo_fastboot.img
[2023.01.01 20:39:06 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\FORScan.lnk
[2022.12.31 11:13:35 | 006,438,983 | ---- | C] () -- C:\Users\893\Desktop\Mazda6_Návod_k_obsluze.pdf
[2022.12.22 22:19:44 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\Mafia.lnk
[2022.12.22 13:09:51 | 000,262,787 | ---- | C] () -- C:\Users\893\Desktop\448FD187-3342-4889-A9EE-3CA5424CF570.jpeg
[2022.12.15 18:22:00 | 000,012,367 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022.12.15 18:21:19 | 000,297,472 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022.10.21 17:37:57 | 001,333,760 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2022.07.21 23:19:53 | 000,018,944 | ---- | C] () -- C:\WINDOWS\SysWow64\WsdProviderUtil.dll
[2022.03.12 11:52:15 | 000,223,744 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2021.10.19 15:20:38 | 000,611,960 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2021.06.15 15:28:02 | 000,468,440 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2021.03.12 20:28:28 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2021.03.12 20:21:14 | 000,101,704 | ---- | C] () -- C:\WINDOWS\SysWow64\HvsiManagementApi.dll
[2021.03.12 20:21:00 | 000,053,760 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2021.03.12 20:20:21 | 000,047,472 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll
[2021.03.12 20:20:17 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2021.03.12 20:20:11 | 000,266,240 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2021.03.12 20:20:08 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2021.03.12 20:20:08 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2021.03.12 20:20:08 | 000,010,752 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2021.03.09 22:36:38 | 000,000,759 | ---- | C] () -- C:\WINDOWS\MAZEPC.INI
[2019.09.26 13:59:03 | 000,012,685 | ---- | C] () -- C:\ProgramData\sokqucqi.nri

========== ZeroAccess Check ==========

[2021.04.25 09:54:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2022.12.15 18:21:30 | 007,978,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2022.12.15 18:21:57 | 006,373,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2021.03.12 20:19:02 | 001,075,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2021.03.12 20:20:11 | 000,804,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019.12.07 10:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2023.01.04 18:18:07 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\AVAST Software
[2019.07.18 17:40:01 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\Canneverbe Limited
[2022.11.21 16:08:57 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\com.adobe.dunamis
[2019.12.29 12:37:12 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\EleFun Games
[2023.01.01 20:43:54 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\FORScan
[2020.01.08 22:22:53 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\OpenOffice
[2019.07.03 19:18:06 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\SmartSteamEmu
[2020.03.27 09:18:37 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\VBA-M
[2019.03.22 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\Zoner
[2023.01.04 17:57:33 | 000,000,000 | ---D | M] -- C:\Users\893\AppData\Roaming\Zoom

========== Purity Check ==========



< End of report >

[buripe]

OTL Extras logfile created on: 08.01.2023 11:18:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\893\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000405 | Country: Česko | Language: CSY | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 46,27% Memory free
5,18 Gb Paging File | 3,04 Gb Available in Paging File | 58,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464,70 Gb Total Space | 201,35 Gb Free Space | 43,33% Space Free | Partition Type: NTFS

Computer Name: LASVEGAS | User Name: 4815162342 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Windows Defender
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"GUID" = {EB19B86E-3998-C706-90EF-92B41EB091AF}
"DISPLAYNAME" = Avast Antivirus
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files\AVAST Software\Avast\wsc_proxy.exe -- (AVAST Software)
"REPORTINGEXE" = C:\Program Files\AVAST Software\Avast\wsc_proxy.exe -- (AVAST Software)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{D322394B-73F7-C65E-BBB0-3B81E063D6D4}]
"GUID" = {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
"DISPLAYNAME" = Avast Antivirus
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files\AVAST Software\Avast\wsc_proxy.exe -- (AVAST Software)
"REPORTINGEXE" = C:\Program Files\AVAST Software\Avast\wsc_proxy.exe -- (AVAST Software)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration\WicaUpgradableAVs]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 34 A5 52 94 77 17 D7 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13064170-A692-40DE-A57A-0386DF0505D3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\outlook.exe |
"{1793C8D1-C98B-4679-9788-A2273AEF79A9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edgewebview\application\108.0.1462.54\msedgewebview2.exe |
"{25808EB9-70FC-4D76-9AA8-41628A8D79D5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe |
"{539EE5CC-199A-4535-A721-7C4649E99341}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{E6ED014A-11CA-428F-A583-526EEAE725AC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F0D67035-ED04-4292-B837-22EE8C2F5F07}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01744D40-D947-4477-98A4-2C619D533CD1}" = dir=out | name=windows_ie_ac_001 |
"{07DCF94A-00DE-48CC-8F05-670ACF6C882A}" = dir=out | name=@{microsoft.windows.photos_2022.30120.12006.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{08599E63-0B8A-42D4-ABEC-B5D02B481425}" = dir=out | name=@{microsoft.windows.search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{0CDCBBB0-922F-4ACA-84AD-7A4F379EA320}" = dir=out | name=@{microsoft.desktopappinstaller_1.18.2691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{1C09758B-5A2A-493E-8894-B7FDC2DA69F9}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.19041.1865_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{227A9156-331F-47A2-B1EA-E2A887E5A8A9}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{2760FF46-7388-43D2-9EBC-68E7CB197B74}" = dir=out | name=@{microsoft.lockapp_10.0.19041.1023_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{288D8002-BACE-4DAF-A3E2-F8A25C0A61A8}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{28DDE54F-1A73-47F1-9103-39A623263003}" = protocol=17 | dir=in | app=c:\program files (x86)\avast software\avastantitrackpremium\cefsharp.browsersubprocess.exe |
"{32027BED-B31B-4D73-B12E-68A3B4531BD6}" = dir=in | name=@{microsoft.windows.photos_2022.30120.12006.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{3ABA92AF-BC06-4585-9D03-2D95571B2944}" = dir=in | name=microsoft store |
"{3C1CCE4E-89ED-4859-9AD9-3BFB64EB4EA9}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{3E2B556A-88EB-472F-B9E0-614D672C02D0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4353D27B-D44C-4D11-AFC4-DD1BE7FF0010}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\avastui.exe |
"{49CE112E-3FA7-4285-9378-19EEF1ECE751}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{52CEEE5D-2E08-4F05-99A3-035345099514}" = protocol=6 | dir=in | app=c:\program files (x86)\avast software\avastantitrackpremium\cefsharp.browsersubprocess.exe |
"{5764FC2B-56AF-47FE-B28E-BCFC86EF557C}" = dir=out | name=@{microsoft.accountscontrol_10.0.19041.1023_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{60D57EA8-C50E-4E4B-9250-442B50B9DB61}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{6A60B656-8392-48B2-8EF2-028E76B22CF5}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.19041.2311_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} |
"{70094B55-13BD-4F47-A927-CA7C9FB182F9}" = dir=out | name=@{microsoft.win32webviewhost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{7203A1A7-A5DD-4D71-A8DB-B73901B30C1F}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{729DFF4D-B5EF-4D7A-9F7E-F528FACFE139}" = protocol=6 | dir=in | app=c:\program files\avast software\secureline vpn\vpn.exe |
"{76A8B9D5-8C68-4BAF-AAB1-4B3004BC9B37}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{7CA319F6-BB58-42A4-A7DE-B467AEC99A74}" = protocol=6 | dir=in | app=c:\program files\avast software\cleanup\tuneupui.exe |
"{83BC53C4-488C-4EAD-8C41-1F4C092ABA28}" = dir=out | name=@{microsoftwindows.client.cbs_120.2212.4190.0_x64__cw5n1h2txyewy?ms-resource://microsoftwindows.client.cbs/resources/productpkgdisplayname} |
"{876C7D3C-01F7-40C7-AA8F-D633CAF8D57B}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{8A0CDBC6-7362-4CF3-A3BF-128071193672}" = dir=in | name=hp smart |
"{92C29425-B98D-4FAF-8E01-A4BD2788AB50}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{9C7FD388-96EC-495D-B72C-8201C86F9004}" = dir=out | name=hp smart |
"{9EEFAC1F-9908-4107-84A5-D16B3629E028}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A05E23BC-AB8C-4CB9-A8AC-BC37B78F914E}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\avastui.exe |
"{A292088C-CF94-4F80-917E-3E8F552DB86F}" = protocol=17 | dir=in | app=c:\users\893\appdata\roaming\zoom\bin\zoom.exe |
"{A40D267A-099D-4F69-A27C-4DB0BF0C38C1}" = dir=out | name=dolby access |
"{A476C882-EA67-4E20-A8A5-9AE48C118F2D}" = dir=out | name=@{microsoft.mspaint_6.2203.1037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{AF2F2038-6FD1-482E-B23C-746BA2E8B077}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{B0C8FE53-1A75-4DCB-98D8-221EB7A0CBEF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B28BD8C3-FBBB-4F22-B572-4811EE1C4B82}" = dir=in | name=dolby access |
"{B5656AC0-02F3-43AA-9118-1BE49BD4AAD6}" = dir=out | name=@{microsoft.storepurchaseapp_12207.44.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{B693DB01-F795-4D51-B7EF-A436958F9648}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{BAAE9713-9439-4C2B-9CC3-A118242C7530}" = dir=in | name=microsoft edge |
"{BB1EBE9A-E164-4136-87C2-BD53F4CEDC30}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{BD0DCF0B-79A8-48B4-A413-02F94221E3AC}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{C16ABB37-C2FE-43F6-8DE8-7F67B59B4A95}" = dir=in | name=@{microsoft.win32webviewhost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{C5C68234-0728-44AE-A30C-D800A7A97C97}" = protocol=17 | dir=in | app=c:\program files\avast software\cleanup\tuneupui.exe |
"{C5E17181-5F64-4EE3-9DC7-9C4CED8E0C71}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{C7183158-333C-4E05-B478-E811DBAC7D90}" = dir=in | name=@{microsoft.desktopappinstaller_1.18.2691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{C764B05F-C048-49FF-9BC6-EC7530BFC62E}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{CFC49FB8-5948-4388-8DB2-D9517511C88A}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.19041.1023_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{D537A882-2398-4DC2-BC48-D10C22A2D2DB}" = dir=in | name=@{microsoft.windows.sechealthui_10.0.19041.1865_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{D6887966-7ED1-4BB6-96CB-E5B54F709ADC}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{DF205E0E-C9D0-4415-89C1-14A42A4C3125}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DF65ED66-522D-47DB-A773-AC58714DD127}" = dir=out | name=microsoft store |
"{E08F5159-CDB0-41A2-9B22-2712368D4AA6}" = dir=out | name=ncsiuwpapp |
"{E4CAF59D-4CDB-4D50-809C-020CFEABF32D}" = protocol=17 | dir=in | app=c:\program files\avast software\secureline vpn\vpn.exe |
"{E5AAA246-4AF3-4A73-919C-F5AE5A9B8B32}" = dir=in | name=@{microsoft.windows.search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{E8412272-1882-4AA6-8790-58A51BF0FCBA}" = dir=out | name=microsoft edge |
"{EA931EDC-E23B-43BB-A494-AAF9DC9C19D0}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.19041.1023_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{EFE36C2F-33E0-4CE3-973B-00A5210D1EC0}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{FC3F5009-8B73-475B-BE50-D9227191F71C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A116A8-E559-488C-879C-B212F3EA963A}" = Far Cry (Patch 1.32 AMD64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2304A2EE-010B-43EE-90F8-2218FB93244E}" = Far Cry (AMD64 Exclusive Content Update)
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{5016990D-7F61-4A20-9451-A915D6616DD9}" = Microsoft Update Health Tools
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DC387B8-E6A2-480C-8EF9-A6E51AE81C19}" = Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127
"{8678BA04-D161-45BE-ACA4-CC5D13073F35}" = Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127
"{90160000-007E-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-008C-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AC76BA86-1029-1033-7760-BC15014EA700}" = Adobe Acrobat (64-bit)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 376.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D1F15F7A-707A-42BD-BE6B-3380616F796D}" = Kontrola stavu osobního počítače s Windows
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Balíček ovladače systému Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
"Avast Antivirus" = Avast Premium Security
"Avast Cleanup" = Avast Cleanup Premium
"Avast SecureLine" = Avast SecureLine VPN
"Elantech" = ELAN Touchpad 11.15.0.18_X64
"OneDriveSetup.exe" = Microsoft OneDrive
"ProPlus2021Retail - cs-cz" = Microsoft Office Professional Plus 2021 - cs-cz
"VLC media player" = VLC media player
"VulkanRT1.0.26.0" = Vulkan Run Time Libraries 1.0.26.0
"WinRAR archiver" = WinRAR 6.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}" = Windows Live Writer
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{19C3AB22-3718-4E4D-B203-242F5001565B}" = Avast Update Helper
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{282975d8-55fe-4991-bbbb-06a72581ce58}" = Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}" = Windows Live Mail
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{63310483-6490-44CD-B351-8F66C2923070}_is1" = FORScan verze 2.3.50.release
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{88B9357F-0845-465F-96B9-50976FB9C6C2}" = Windows Live Messenger
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{AC76BA86-0804-1033-1959-018244601032}" = Adobe Refresh Manager
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D5D573DC-D989-4769-9B56-D6A7EA503D7F}" = OneKey Optimizer
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}" = Windows Live Writer Resources
"{E703613B-BDAB-433E-A66A-DE0263E3D35D}" = Windows Live Messenger
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"AvastAntiTrackPremium" = Avast AntiTrack Premium
"Google Chrome" = Google Chrome
"InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}" = OneKey Optimizer
"MAZDA EPC2" = MAZDA EPC2
"Microsoft Edge" = Microsoft Edge
"Microsoft Edge Update" = Microsoft Edge Update
"Microsoft EdgeWebView" = Microsoft Edge WebView2 Runtime
"Steam" = Steam
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ZoomUMX" = Zoom

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 04.01.2023 14:58:56 | Computer Name = LasVegas | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Driver
Updater since QueryServiceConfig API failed System Error: Systém nemůže nalézt uvedený
soubor. .

Error - 05.01.2023 12:36:38 | Computer Name = LasVegas | Source = Application Error | ID = 1000
Description = Název chybující aplikace: RuntimeBroker.exe, verze: 10.0.19041.746,
časové razítko: 0x5b78739c Název chybujícího modulu: combase.dll, verze: 10.0.19041.2311,
časové razítko: 0xf4ecbc84 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000c19a4
ID
chybujícího procesu: 0x15f4 Čas spuštění chybující aplikace: 0x01d921192483aca7 Cesta
k chybující aplikaci: C:\Windows\System32\RuntimeBroker.exe Cesta k chybujícímu
modulu: C:\WINDOWS\System32\combase.dll ID zprávy: 0caed518-505d-4a4c-a7d1-7d175de9091c
Úplný
název chybujícího balíčku: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID
aplikace související s chybujícím balíčkem: runtimebroker07f4358a809ac99a64a67c1

Error - 05.01.2023 12:40:54 | Computer Name = LasVegas | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu Průzkumník Windows nelze ukončit.

Error - 05.01.2023 17:37:00 | Computer Name = LasVegas | Source = VSS | ID = 8194
Description =

Error - 05.01.2023 17:37:19 | Computer Name = LasVegas | Source = VSS | ID = 8193
Description =

Error - 07.01.2023 7:06:22 | Computer Name = LasVegas | Source = VSS | ID = 8194
Description =

Error - 07.01.2023 7:06:45 | Computer Name = LasVegas | Source = VSS | ID = 8193
Description =

Error - 07.01.2023 15:15:16 | Computer Name = LasVegas | Source = ESENT | ID = 455
Description = taskhostw (7252,R,98) WebCacheLocal: Při otevírání souboru protokolu
C:\Users\893\AppData\Local\Microsoft\Windows\WebCache\V01004C8.log došlo k chybě
-1811 (0xfffff8ed).

Error - 07.01.2023 17:38:34 | Computer Name = LasVegas | Source = VSS | ID = 8194
Description =

Error - 07.01.2023 17:38:53 | Computer Name = LasVegas | Source = VSS | ID = 8193
Description =

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 07.01.2023 17:38:57 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 07.01.2023 17:38:57 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 07.01.2023 17:38:57 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 07.01.2023 17:41:27 | Computer Name = LasVegas | Source = DCOM | ID = 10010
Description =

Error - 07.01.2023 17:41:27 | Computer Name = LasVegas | Source = DCOM | ID = 10010
Description =

Error - 07.01.2023 18:08:28 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 07.01.2023 18:08:28 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 07.01.2023 18:08:28 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 07.01.2023 18:08:28 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 08.01.2023 6:10:59 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 08.01.2023 6:10:59 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 08.01.2023 6:10:59 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 08.01.2023 6:10:59 | Computer Name = LasVegas | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{272A51BC-DC46-4F73-8554-969052EE610C},
protože jiný počítač v síti má stejný název. Server nelze spustit.


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV:64bit: - (ose64) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE File not found
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
CHR - Extension: No name found = C:\Users\893\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\3.15.2_0\
CHR - Extension: No name found = C:\Users\893\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\
CHR - Extension: No name found = C:\Users\893\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdidpcihajhihmghhhkfnpklgdehold\2.0.8.3101_0\
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

:Files
C:\FRST
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.