Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by frozk (administrator) on DESKTOP-99RTRQB (Dell Inc. Vostro 15-3568) (14-10-2019 10:15:57)
Running from C:\Users\frozk\Desktop
Loaded Profiles: frozk (Available Profiles: frozk)
Platform: Windows 10 Home Version 1809 17763.805 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) [File not signed] C:\Windows\System32\valWBFPolicyService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3926016 2016-05-25] (Dell Inc.) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ACPW06EN] => C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1234120 2012-12-17] (ACD Systems International Inc -> ACD Systems)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1213736 2018-11-04] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1728266272-2750989280-3366292291-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1728266272-2750989280-3366292291-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1728266272-2750989280-3366292291-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1728266272-2750989280-3366292291-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] (OpenVPN Technologies, Inc. -> )
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {F152EF1F-D301-40EB-9F17-76EC44BA5621} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F3FE155B-09F7-4244-B28B-FA60EACE8C49} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14544792 2018-10-23] (Piriform Software Ltd -> Piriform Ltd)
Task: {FF5E513B-8CDA-4A5F-88DB-7FD11B4332FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1	acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19d783bb-a315-41f3-81e0-941727dcf99f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5835d931-a39d-4555-923b-4ee6e4aa7831}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-1728266272-2750989280-3366292291-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10000__180811
HKU\S-1-5-21-1728266272-2750989280-3366292291-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1728266272-2750989280-3366292291-1001 -> DefaultScope {8AF5C88E-E839-41C9-87BD-388382F1258A} URL = 
SearchScopes: HKU\S-1-5-21-1728266272-2750989280-3366292291-1001 -> {8AF5C88E-E839-41C9-87BD-388382F1258A} URL = 
SearchScopes: HKU\S-1-5-21-1728266272-2750989280-3366292291-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10000__180811&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\frozk\Downloads

FireFox:
========
FF DefaultProfile: 8nqkiiwt.default
FF ProfilePath: C:\Users\frozk\AppData\Roaming\Mozilla\Firefox\Profiles\8nqkiiwt.default [2019-10-14]
FF Homepage: Mozilla\Firefox\Profiles\8nqkiiwt.default -> seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\8nqkiiwt.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10000__180811
FF Extension: (uBlock Origin) - C:\Users\frozk\AppData\Roaming\Mozilla\Firefox\Profiles\8nqkiiwt.default\Extensions\uBlock0@raymondhill.net.xpi [2019-09-27]
FF Extension: (View image) - C:\Users\frozk\AppData\Roaming\Mozilla\Firefox\Profiles\8nqkiiwt.default\Extensions\{287dcf75-bec6-4eec-b4f6-71948a2eea29}.xpi [2019-07-27]
FF Extension: (No Name) - C:\Users\frozk\AppData\Roaming\Mozilla\Firefox\Profiles\8nqkiiwt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF SearchPlugin: C:\Users\frozk\AppData\Roaming\Mozilla\Firefox\Profiles\8nqkiiwt.default\searchplugins\securesearch.xml [2018-08-11]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{65C4BEDD-3F81-4F60-85D8-816EA9FC8BFD}.xpi [2019-10-14] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [424288 2018-05-22] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-22] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-08] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-08] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. ->  )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267768 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [44544 2015-03-03] (Synaptics Incorporated) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [875816 2018-11-04] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-09-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-09-27] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-22] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-08-11] (Disc Soft Ltd -> Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-22] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel(R) Software -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-10-14] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-07-25] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [436224 2016-12-15] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [65960 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-09-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-09-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 10:15 - 2019-10-14 10:16 - 000018384 ____C C:\Users\frozk\Desktop\FRST.txt
2019-10-14 10:15 - 2019-10-14 10:16 - 000000000 ____D C:\FRST
2019-10-14 10:15 - 2019-10-14 10:15 - 001616384 _____ (Farbar) C:\Users\frozk\Desktop\FRST64.exe
2019-10-14 09:58 - 2019-10-14 10:06 - 000000000 ____D C:\Users\frozk\AppData\Roaming\hlwxmltmlrx
2019-10-14 09:58 - 2019-10-14 10:06 - 000000000 ____D C:\Program Files\EBJ8L2KSH8
2019-10-14 09:55 - 2019-10-14 09:55 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-14 09:54 - 2019-10-14 09:54 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-14 09:54 - 2019-10-14 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-14 09:54 - 2019-10-14 09:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-14 09:54 - 2019-10-14 09:54 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-14 09:54 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-14 09:54 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-14 09:49 - 2019-10-14 09:56 - 000000004 _____ C:\ProgramData\lock.dat
2019-10-14 09:49 - 2019-10-14 09:49 - 000000008 _____ C:\ProgramData\ts.dat
2019-10-14 09:49 - 2019-10-14 09:49 - 000000004 _____ C:\ProgramData\irw.atsd
2019-10-14 09:48 - 2019-10-14 10:01 - 000000000 ____D C:\Users\frozk\AppData\Roaming\ac4lxyqquim
2019-10-14 09:48 - 2019-10-14 09:48 - 000000270 __RSH C:\Users\frozk\ntuser.pol
2019-10-14 09:47 - 2019-10-14 09:47 - 000000000 ____D C:\Users\frozk\AppData\Roaming\lighteningplayer
2019-10-14 09:46 - 2019-10-14 10:01 - 000000000 ____D C:\Users\frozk\AppData\Roaming\taeixk0jagz
2019-10-14 09:46 - 2019-10-14 09:59 - 000000000 ____D C:\Program Files (x86)\TwCmYXzjuQS
2019-10-14 09:46 - 2019-10-14 09:48 - 000000270 __RSH C:\ProgramData\ntuser.pol
2019-10-14 09:45 - 2019-10-14 10:01 - 000000000 ____D C:\ProgramData\WIFIService
2019-10-14 09:45 - 2019-10-14 10:01 - 000000000 ____D C:\Program Files (x86)\Ororo
2019-10-14 09:45 - 2019-10-14 09:47 - 000000000 ____D C:\Program Files (x86)\lighteningplayer
2019-10-14 09:45 - 2019-10-14 09:45 - 000001842 ____C C:\Users\frozk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightening Media Player.lnk
2019-10-14 09:45 - 2019-10-14 09:45 - 000000902 ____C C:\Users\frozk\Desktop\Lightening Media Player.lnk
2019-10-09 21:23 - 2019-10-09 21:23 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 002429768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-09 21:23 - 2019-10-09 21:23 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-09 21:23 - 2019-10-09 21:23 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-09 21:23 - 2019-10-09 21:23 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-09 21:22 - 2019-10-09 21:22 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 023455744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 012960768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 009680400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 008903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 004873728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-09 21:22 - 2019-10-09 21:22 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002110472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 002015400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-09 21:22 - 2019-10-09 21:22 - 001677816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001666232 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-09 21:22 - 2019-10-09 21:22 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001056056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000895560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-09 21:22 - 2019-10-09 21:22 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2019-10-09 21:22 - 2019-10-09 21:22 - 000843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000805296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000681720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000508728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-09 21:22 - 2019-10-09 21:22 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-09 21:22 - 2019-10-09 21:22 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000385336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-09 21:22 - 2019-10-09 21:22 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-09 21:22 - 2019-10-09 21:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000201736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-09 21:22 - 2019-10-09 21:22 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000163232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000104464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-09 21:22 - 2019-10-09 21:22 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-09 21:22 - 2019-10-09 21:22 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2019-10-09 21:22 - 2019-10-09 21:22 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-09 21:22 - 2019-10-09 21:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-07 17:41 - 2019-10-07 17:42 - 000001574 ____C C:\Users\frozk\Desktop\Transfer2 (PROSPERO).lnk
2019-10-04 08:30 - 2019-10-04 08:30 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 006316792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 005767168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 005605560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 005309080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 003820976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 003428864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 002779784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 002349056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 002279304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-04 08:30 - 2019-10-04 08:30 - 002018304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-04 08:30 - 2019-10-04 08:30 - 001924976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplaySwitch.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 001864704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 001272120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shellstyle.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 001006392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000791864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000767800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000661096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000452992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000384272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-10-04 08:30 - 2019-10-04 08:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-04 08:30 - 2019-10-04 08:30 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-04 08:30 - 2019-10-04 08:30 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.OneCore.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000155968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000065608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-10-04 08:30 - 2019-10-04 08:30 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSTheme.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PasswordOnWakeSettingFlyout.exe
2019-10-04 08:30 - 2019-10-04 08:30 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 022135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 007698432 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 006928384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 006058032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 005573016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 005299712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 004352472 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 003198976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 003000832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 002839040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 002118656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001966392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001701176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001484896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001390888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 001319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001170432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-10-04 08:29 - 2019-10-04 08:29 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000938296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-10-04 08:29 - 2019-10-04 08:29 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000780408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000775216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000605368 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000598328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-10-04 08:29 - 2019-10-04 08:29 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000434952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000278416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.OneCore.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000193704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000156512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000135816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000079032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000052536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000044912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
2019-10-04 08:29 - 2019-10-04 08:29 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-04 08:29 - 2019-10-04 08:29 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-10-04 08:29 - 2019-10-04 08:29 - 000018744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-14 10:14 - 2019-05-02 23:02 - 001693846 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-14 10:14 - 2018-09-15 19:32 - 000719454 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-14 10:14 - 2018-09-15 19:32 - 000145482 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-14 10:14 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-14 10:14 - 2018-08-11 15:10 - 000000000 ____D C:\Download
2019-10-14 10:08 - 2018-08-11 14:15 - 000000000 ___DC C:\Users\frozk\AppData\LocalLow\Mozilla
2019-10-14 10:07 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-14 10:07 - 2018-08-10 12:12 - 000000000 __SHD C:\Users\frozk\IntelGraphicsProfiles
2019-10-14 10:06 - 2019-05-02 23:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-14 10:06 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-14 09:54 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-14 09:48 - 2019-05-02 22:56 - 000000000 ____D C:\Users\frozk
2019-10-14 09:48 - 2018-08-11 14:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-14 09:46 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-10-14 09:42 - 2019-06-19 16:37 - 000000000 ___DC C:\Users\frozk\AppData\LocalLow\uTorrent
2019-10-14 09:42 - 2018-08-11 19:14 - 000000000 ___DC C:\Users\frozk\AppData\Roaming\DAEMON Tools Lite
2019-10-14 09:42 - 2018-08-11 15:12 - 000000000 ___DC C:\Users\frozk\AppData\Roaming\uTorrent
2019-10-13 19:53 - 2019-05-02 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-13 18:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-12 16:52 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-11 07:43 - 2018-08-11 14:15 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-11 07:43 - 2018-08-11 14:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-09 22:07 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-09 22:07 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-09 22:07 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-09 22:07 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-09 22:07 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-10-09 22:07 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-09 22:07 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-09 21:26 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-09 21:26 - 2018-08-11 13:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-09 21:24 - 2018-08-11 13:59 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-09 19:05 - 2019-01-22 12:57 - 000000000 ___DC C:\Users\frozk\AppData\Local\ElevatedDiagnostics
2019-10-09 13:56 - 2019-04-04 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-10-05 08:16 - 2018-08-10 12:12 - 000000000 ___RD C:\Users\frozk\3D Objects
2019-10-05 08:16 - 2018-06-14 06:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-05 08:03 - 2019-05-02 22:54 - 000467160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-04 23:01 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-04 08:31 - 2018-09-15 19:34 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2019-10-04 08:31 - 2018-09-15 19:34 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-09-30 16:18 - 2018-08-10 12:12 - 000000000 ___DC C:\Users\frozk\AppData\Local\Packages
2019-09-27 18:47 - 2018-08-11 15:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ================

2019-10-14 09:49 - 2019-10-14 09:56 - 000000004 _____ () C:\ProgramData\lock.dat
2019-10-14 09:49 - 2019-10-14 09:49 - 000000008 _____ () C:\ProgramData\ts.dat
2019-04-11 00:08 - 2019-04-11 00:08 - 000000132 ____C () C:\Users\frozk\AppData\Roaming\PureRef.ini
2018-12-12 12:25 - 2018-12-12 12:25 - 000007600 ____C () C:\Users\frozk\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================