Prosim o kontrolu logu.
Komp je mozno len plny alebo pomalsie nacitava kvoli niecomu inemu.
Dik.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-04-2016
Ran by bublinka (administrator) on PRISERKA (23-05-2019 23:37:52)
Running from C:\Users\bublinka\Desktop
Loaded Profiles: bublinka (Available Profiles: bublinka)
Platform: Windows 10 Home Version 1803 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Failed to access process -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\pcdrwi.exe
() C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.580_none_ead976921d8220dc\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-16] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [177928 2019-05-23] (ESET)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-09] (Piriform Software Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
Startup: C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.4.lnk [2015-07-28]
ShortcutTarget: LibreOffice 4.4.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd794d0d-69ce-4331-904a-620bfdcb01a5}: [DhcpNameServer] 172.9.1.171
Tcpip\..\Interfaces\{ea9e03d6-90a3-4096-a6fe-177ca5b373b5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE13&ocid=UE13DHP
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL =
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={2DCFE42B-A4EC-47E9-A1BB-FE598A228BE8}&mid=091774608c0447cca1d83f00549b449e-95b5b4cb40459f43a5c44c477930b39a85b5f1df&lang=sk&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2015-12-05 23:40:02&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-23] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-13]
CHR Extension: (IE Tab) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-28] (Adobe)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2019-03-06] (Microsoft Corporation)
S3 BcastDVRUserService_45c2b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 BcastDVRUserService_45c2b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_45c2b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService_45c2b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453632 2018-10-21] (Microsoft Corporation)
R2 CDPUserSvc_45c2b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 CDPUserSvc_45c2b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-05-20] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-05-13] (PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] ()
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc_45c2b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 DevicePickerUserSvc_45c2b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc_45c2b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 DevicesFlowUserSvc_45c2b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2359312 2019-05-23] (ESET)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [1268720 2019-04-04] (Google Inc.)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-11-09] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-11-09] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_45c2b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_45c2b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-03-20] (CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-16] (Realtek Semiconductor)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [362296 2019-05-11] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2011848 2018-03-20] (Rivet Networks)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2019-01-09] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2019-01-09] (Microsoft Corporation)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, LLC.)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-04] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation)
R2 WpnUserService_45c2b; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 WpnUserService_45c2b; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2018-07-14] (Microsoft Corporation)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2019-05-23] ()
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [40824 2019-02-27] (Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-04-02] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188240 2019-04-02] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-04-02] (ESET)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2019-03-06] (Microsoft Corporation)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-09] (Malwarebytes)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-08-13] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R2 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks, LLC.)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [151960 2018-04-12] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2018-10-21] (Microsoft Corporation)
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-23 23:37 - 2019-05-23 23:42 - 00029038 _____ C:\Users\bublinka\Desktop\FRST.txt
2019-05-23 23:22 - 2019-05-23 23:22 - 00000000 _____ C:\WINDOWS\invcol.tmp
2019-05-23 23:09 - 2019-05-23 23:10 - 00038560 _____ C:\Users\bublinka\Documents\cc_20190523_230954.reg
2019-05-23 22:11 - 2019-05-23 22:11 - 00002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 22:11 - 2019-05-23 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 21:52 - 2019-05-23 22:07 - 00033134 _____ C:\Users\bublinka\Downloads\Addition.txt
2019-05-23 21:38 - 2019-05-23 22:17 - 00036480 _____ C:\Users\bublinka\Downloads\FRST.txt
2019-05-23 21:36 - 2019-05-23 21:36 - 02435072 _____ (Farbar) C:\Users\bublinka\Downloads\FRST64.exe
2019-05-23 20:32 - 2019-05-23 20:36 - 00000000 ____D C:\Users\bublinka\Downloads\Lucinka
2019-05-23 20:23 - 2019-05-23 20:23 - 00020978 _____ C:\Users\bublinka\Downloads\[CzT]Lucinka_Pusinka_Logopedia_2015_SK_1080pHD_ (2).torrent
2019-05-23 18:55 - 2019-05-23 18:56 - 21116984 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-04-28 00:12 - 2019-05-23 23:17 - 00000000 ____D C:\ProgramData\McInstTemp0117051556403166
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-23 23:37 - 2016-05-01 11:43 - 00000000 ____D C:\FRST
2019-05-23 23:36 - 2018-04-12 01:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-23 23:31 - 2018-04-12 01:38 - 00000000 ___HD C:\Program Files\WindowsApps
2019-05-23 23:31 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-05-23 23:25 - 2018-04-12 01:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-05-23 23:24 - 2018-11-17 20:06 - 00000000 ____D C:\Program Files\rempl
2019-05-23 23:23 - 2018-06-04 18:54 - 01689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-23 23:23 - 2018-04-12 17:50 - 00705940 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-23 23:23 - 2018-04-12 17:50 - 00144404 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-23 23:23 - 2018-04-12 01:36 - 00000000 ____D C:\WINDOWS\INF
2019-05-23 23:21 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\Registration
2019-05-23 23:18 - 2015-08-27 00:32 - 00000000 __SHD C:\Users\bublinka\IntelGraphicsProfiles
2019-05-23 23:17 - 2018-06-04 18:31 - 00485200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-23 23:17 - 2016-11-08 13:33 - 00000000 ____D C:\Program Files (x86)\McAfee
2019-05-23 23:16 - 2018-06-04 19:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-23 23:15 - 2018-04-11 23:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-23 23:13 - 2018-06-04 18:40 - 00000000 ____D C:\Users\bublinka
2019-05-23 23:07 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-23 23:03 - 2016-05-03 16:41 - 00000000 ____D C:\Users\bublinka\AppData\Roaming\uTorrent
2019-05-23 22:37 - 2014-11-01 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-23 22:24 - 2018-04-12 01:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-23 22:07 - 2018-06-04 19:11 - 00003710 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-05-23 21:30 - 2018-06-04 18:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-23 20:59 - 2017-12-18 04:43 - 00000000 ____D C:\Users\bublinka\AppData\Local\Packages
2019-05-23 20:20 - 2016-04-14 15:09 - 00015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-05-23 19:00 - 2014-11-01 19:41 - 00000000 ____D C:\ProgramData\PCDr
2019-05-23 18:59 - 2018-06-04 19:11 - 00003456 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-23 18:59 - 2018-06-04 19:11 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-23 18:56 - 2018-06-04 19:11 - 00004610 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-23 18:56 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-23 18:55 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 15:24 - 2014-11-01 19:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-05-13 15:19 - 2017-07-10 15:06 - 00000000 ____D C:\ProgramData\SupportAssist
2019-05-13 15:11 - 2017-04-25 13:34 - 00001181 _____ C:\Users\Public\Desktop\True Key.lnk
2019-05-13 15:11 - 2016-11-08 13:36 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2019-04-28 00:12 - 2018-06-04 19:11 - 00004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2017-06-02 00:36 - 2017-06-02 00:36 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-04 18:31
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-04-2016
Ran by bublinka (2019-05-23 23:43:37)
Running from C:\Users\bublinka\Desktop
Windows 10 Home Version 1803 (X64) (2018-06-04 17:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-242124988-2545093545-445695849-500 - Administrator - Disabled)
bublinka (S-1-5-21-242124988-2545093545-445695849-1001 - Administrator - Enabled) => C:\Users\bublinka
DefaultAccount (S-1-5-21-242124988-2545093545-445695849-503 - Limited - Disabled)
Guest (S-1-5-21-242124988-2545093545-445695849-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-242124988-2545093545-445695849-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-242124988-2545093545-445695849-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0006 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Project Professional 2016 - sk-sk (HKLM\...\ProjectProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - sk-sk (HKLM\...\VisioProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Meno vašej spoločnosti)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {01EC02E2-C2FA-428D-86BC-9D2ED37C0E19} - System32\Tasks\{99D82FB3-2385-4717-B8F4-9088690B7994} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.104/sk/go/help.faq.installer?LastError=1603
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05E14797-9C69-4044-9D9F-FD9E85FCB31D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-28] (Adobe)
Task: {09928EDD-8282-4D2A-8DD3-8FF4A7F31EB4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [2019-05-23] (Adobe)
Task: {0A02C7EF-953D-4375-8695-251FA52A6C70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-05-20] (Microsoft Corporation)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {15F6E1FB-C795-48D3-B776-BF3ACB72A272} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1D50DE34-EC88-4E20-BEFC-D39477A96CEA} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {1F8E7195-E1DF-4F2F-8CE4-CB57EFDC7422} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-02-09] (Piriform Software Ltd)
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-04] (Microsoft Corporation)
Task: {2631B695-B48B-4E0C-AECF-4D936E22D671} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2019-04-10] (Dell Inc.)
Task: {28F8D7DF-EB44-4C61-A20B-AF2BEF0BBF3E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-05-23] (Microsoft Corporation)
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-02-16] (Microsoft Corporation)
Task: {2B8C98EC-1B42-437C-A517-1A31A71F1789} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-05-23] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2F9ADD-000F-4459-B074-DB62A7324E8D} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3BD6E422-FB19-48CD-A568-7E535F85B9E8} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {582FC1AC-F302-46B4-A283-5462926E5AB5} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B55775-10A6-47EB-97F8-4E8CEC576235} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-05-23] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-04] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {79CA8FC1-01E5-4E56-BF5C-01A81F37C43E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-05-23] (Microsoft Corporation)
Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C145D48-7B72-4F20-BB0F-295358D64475} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-05-20] (Microsoft Corporation)
Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {83A83211-ACB0-4A1D-8987-72CA75E4BFD4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-12-19] (Synaptics Incorporated)
Task: {89D7F92C-2599-494E-B7C9-72ECAAAF4AB7} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-05-11] (Microsoft Corporation)
Task: {8C9C9D81-3770-4016-865E-B3C8E72EB828} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-16] (Realtek Semiconductor)
Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8DAC8040-1E5E-4D55-B3B0-DFD9D5E21F16} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-03-20] (DELL)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {97842C3A-73DD-4B5B-A696-BA06851DAA5C} - System32\Tasks\{3C880F33-978C-47A1-B02C-B2658B44DB11} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.104/sk/abandoninstall?page=tsProgressBar
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)
Task: {9AF63E86-014A-4341-AEAB-DCB9E7B453D7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-05-23] (Microsoft Corporation)
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {AA5E519C-6234-454E-BAB7-E294E91CF45E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242124988-2545093545-445695849-1001 => C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B27B93AE-52E3-4464-BA13-67402C269B4E} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B9D261F9-B457-487D-9012-F970DABA77B7} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {BA2025F6-AB93-4EA6-8F10-AB3F0CF026B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {BE8BA67A-1CC9-4255-A9B4-72015F5E3967} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-04] (Microsoft Corporation)
Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2016-03-30] ()
Task: {CD7E9DFE-9FC4-47BD-9BAF-EBB480DC6444} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D65B4809-0CC1-46F2-B373-465C46C62D5E} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)
Task: {E5329163-FEE5-4C81-906A-41B97007DFB5} - System32\Tasks\{16BA0183-5E65-4F34-BF82-DD904AA5727A} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.151/sk/abandoninstall?page=tsMain
Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E9509E7E-053D-404A-B8D7-47C47BDC88F9} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-12-02] (McAfee, Inc.)
Task: {EA415426-12E9-46BA-911C-4CA3B4CD643F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-09] (Piriform Software Ltd)
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-02-16] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FF9A60C0-46F6-4B0C-A400-4BCB4DC48F0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-05-23] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\bublinka\Documents\ROBOTA - disk\HARTLOVÁ\Nagyová plocha\plocha\Passport mostov.lnk -> C:\Users\nagyova.slavka\Documents\passport.bat (No File)
==================== Loaded Modules (Whitelisted) ==============
2007-03-23 17:36 - 2007-03-23 17:36 - 00022016 _____ () C:\WINDOWS\System32\xrxs1l6.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 09:01 - 2018-11-09 04:17 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2019-05-13 15:27 - 2019-05-13 15:27 - 02587976 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\libprotobuf.dll
2018-11-12 13:46 - 2018-11-12 13:46 - 00035976 _____ () C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-03-16 21:23 - 2019-03-06 10:30 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-24 08:39 - 2018-10-24 08:42 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-05-23 21:04 - 2019-05-23 21:07 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-05-23 21:04 - 2019-05-23 21:07 - 00182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-04-07 09:13 - 2019-04-07 09:14 - 26138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-04-07 09:13 - 2019-04-07 09:14 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-07 15:39 - 2017-12-07 15:40 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 21:47 - 2018-12-01 21:49 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-04-07 09:13 - 2019-04-07 09:14 - 05709824 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-04-07 09:13 - 2019-04-07 09:14 - 08948224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-05-23 21:04 - 2019-05-23 21:11 - 00481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-05-23 21:04 - 2019-05-23 21:07 - 81356800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-05-23 21:04 - 2019-05-23 21:13 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-10-07 11:12 - 2017-10-07 11:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-05-23 21:04 - 2019-05-23 21:11 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-05-23 21:04 - 2019-05-23 21:12 - 13491200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-05-23 21:04 - 2019-05-23 21:08 - 02867712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-23 21:04 - 2019-05-23 21:13 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-05-23 21:04 - 2019-05-23 21:10 - 00120320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2018-12-12 08:32 - 2018-12-12 08:33 - 04380232 _____ () C:\Program Files\WindowsApps\Microsoft.UI.Xaml.2.0_2.1810.18004.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2016-11-08 14:41 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\StartupFolder: => "LibreOffice 4.4.lnk"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{4F2C7FE1-3B3D-4BDF-AB39-DF5189F08DF0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{27B83E37-FF87-4062-8121-D9451252609C}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1A14C6EA-E98A-4328-8027-8427B35CF961}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{36C9F198-EA04-41CA-B685-F0AEFDDCA9F7}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{FB28A465-F4FE-4C8B-B20D-6F18725EBBE9}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8372DFC7-4547-42E3-BF8B-801B275DE631}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9FBFECBD-CD65-43DF-9EBA-0B00566CD932}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C6DD7A78-2FB1-4BFD-9213-4AF4057D920D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{D74BFF13-6A6E-458E-A51B-7890A8F20994}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{24B4AAEE-81F7-4DE5-B113-BBCFDC843B58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{717D9DB2-8175-4DD9-B822-060ECF582DBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{20101127-35CF-4431-877A-B1470F9FFBA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{38C74F7E-8F7B-47C3-9A90-49BB21A2CC8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Restore Points =========================
07-04-2019 09:00:24 Windows Update
23-05-2019 22:25:04 Removed Skype™ 7.36
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/23/2019 11:32:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (05/23/2019 11:29:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x21fc
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (05/23/2019 11:17:54 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentNullException: Hodnota nemůže být NULL.
v System.Threading.Monitor.Enter(Object obj)
v McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
Error: (05/23/2019 11:06:45 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (10576,G,0) An attempt to open the file "C:\Users\bublinka\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (05/23/2019 11:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.17134.285, časová značka: 0x40f0d4bd
Kód výnimky: 0xc000041d
Odstup chyby: 0x000063d7
Identifikácia chybujúceho procesu: 0xd98
Čas spustenia chybujúcej aplikácie: 0xutorrent.exe0
Cesta chybujúcej aplikácie: utorrent.exe1
Cesta chybujúceho modulu: utorrent.exe2
Identifikácia hlásenia: utorrent.exe3
Celé meno chybujúceho balíka: utorrent.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: utorrent.exe5
Error: (05/23/2019 10:44:25 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search sa zastavuje, pretože sa vyskytol problém s indexovaním, Nezdařila se fáze obnovení..
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Vypínání indexovacího modulu (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/23/2019 10:44:25 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: V štádiu obnovovania služby Windows Search sa vyskytla chyba, jej ID je 1. Znova spustite službu. Ak táto chyba pretrváva, znova vytvorte index.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Vypínání indexovacího modulu (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/13/2019 03:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x1490
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (05/13/2019 03:10:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cd3cb
Identifikácia chybujúceho procesu: 0x2078
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (04/07/2019 05:59:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cd3cb
Identifikácia chybujúceho procesu: 0x2e00
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
System errors:
=============
Error: (05/23/2019 11:40:23 PM) (Source: DCOM) (EventID: 10016) (User: PRISERKA)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}PRISERKAbublinkaS-1-5-21-242124988-2545093545-445695849-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:29:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Data Vault Collector sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (05/23/2019 11:21:06 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/23/2019 11:17:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:17:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:17:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/13/2019 03:44:23 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Nasledujúca služba sa opakovane zastavila pri reakcii na požiadavky riadenia služieb: Služba platformy připojených zařízení
Informujte sa u dodávateľa služby alebo správcu systému, kde možno túto službu vypnúť, kým sa nezistí problém.
Pred vypnutím služby možno budete musieť reštartovať počítač v bezpečnom režime.
CodeIntegrity:
===================================
Date: 2018-10-27 12:43:22.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-27 12:43:22.387
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.786
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.440
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:43.637
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:09.345
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:07.547
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:16:58.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 72%
Total physical RAM: 3978.2 MB
Available physical RAM: 1099.77 MB
Total Virtual: 6282.2 MB
Available Virtual: 2813.09 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.3 GB) (Free:186.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BD0D5174)
Partition: GPT.
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: kontrola logu
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: kontrola logu
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-24-2019
# Duration: 00:00:22
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1339 octets] - [24/05/2019 22:52:18]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-24-2019
# Duration: 00:00:22
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1339 octets] - [24/05/2019 22:52:18]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: kontrola logu
Pouzivas program McAfee True Key? Ak nie, mozes to odinstalovat. Poprosim o obidva nove logy z FRST.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: kontrola logu
odinstalovane, nepouzivam.
tu su logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-04-2016
Ran by bublinka (administrator) on PRISERKA (25-05-2019 10:24:33)
Running from C:\Users\bublinka\Desktop
Loaded Profiles: bublinka (Available Profiles: bublinka)
Platform: Windows 10 Home Version 1803 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Failed to access process -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Aviata Inc) C:\Program Files (x86)\Dell Product Registration\prodreg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\sc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-16] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [177928 2019-05-23] (ESET)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-09] (Piriform Software Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
Startup: C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.4.lnk [2015-07-28]
ShortcutTarget: LibreOffice 4.4.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd794d0d-69ce-4331-904a-620bfdcb01a5}: [DhcpNameServer] 172.9.1.171
Tcpip\..\Interfaces\{ea9e03d6-90a3-4096-a6fe-177ca5b373b5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE13&ocid=UE13DHP
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-23] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-23]
CHR Extension: (IE Tab) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-28] (Adobe)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2019-05-03] (Microsoft Corporation)
S3 BcastDVRUserService_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 BcastDVRUserService_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453632 2018-10-21] (Microsoft Corporation)
R2 CDPUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 CDPUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-05-20] (Microsoft Corporation)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
S2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-05-13] (PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] ()
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 DevicePickerUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 DevicesFlowUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2359312 2019-05-23] (ESET)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe [1267696 2019-05-21] (Google Inc.)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-11-09] (Microsoft Corporation)
S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-11-09] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-03-20] (CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-16] (Realtek Semiconductor)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
S2 sedsvc; C:\Program Files\rempl\sedsvc.exe [362296 2019-05-11] (Microsoft Corporation)
S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2011848 2018-03-20] (Rivet Networks)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2019-01-09] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2019-01-09] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-04] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation)
R2 WpnUserService_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 WpnUserService_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-03-14] (Microsoft Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [40824 2019-02-27] (Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-04-02] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188240 2019-04-02] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-04-02] (ESET)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2019-05-03] (Microsoft Corporation)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-09] (Malwarebytes)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-08-13] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R2 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks, LLC.)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2018-10-21] (Microsoft Corporation)
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 10:12 - 2019-05-25 10:20 - 00000000 ____D C:\ProgramData\McInstTemp0138921558771945
2019-05-24 22:49 - 2019-05-24 22:50 - 07025360 _____ (Malwarebytes) C:\Users\bublinka\Desktop\adwcleaner_7.3.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 09084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 07519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:18 - 06569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:12 - 25855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:10 - 22017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:05 - 22716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-24 12:03 - 2019-05-03 07:56 - 05350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-24 12:03 - 2019-05-03 07:54 - 04929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-24 12:02 - 2019-05-03 14:13 - 01376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-24 12:02 - 2019-05-03 13:51 - 03613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:51 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-24 12:02 - 2019-05-03 13:50 - 01663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 13:28 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:25 - 01471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 08:36 - 01035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 05625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-24 12:02 - 2019-05-03 08:33 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-24 12:02 - 2019-05-03 08:31 - 07436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 02811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-24 12:02 - 2019-05-03 08:31 - 02771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 01459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-24 12:02 - 2019-05-03 08:19 - 06043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:18 - 02258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 19401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 04866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-24 12:02 - 2019-05-03 08:01 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 07593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 05788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 03710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-24 12:02 - 2019-05-03 07:56 - 01803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 03090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-24 12:02 - 2019-04-19 12:54 - 00720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-24 12:02 - 2019-04-19 12:39 - 12754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-24 12:02 - 2019-04-19 11:44 - 01454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-24 12:02 - 2019-04-19 11:28 - 11940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-24 12:02 - 2019-04-19 07:07 - 00985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-24 12:02 - 2019-04-19 07:06 - 02571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 07:06 - 00798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-24 12:02 - 2019-04-19 07:01 - 01982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 06:43 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-24 12:02 - 2019-04-19 06:42 - 04384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-24 12:02 - 2019-04-19 06:38 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-24 12:02 - 2019-04-19 06:36 - 02909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 01458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 01175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-24 12:02 - 2019-04-09 03:48 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-24 12:02 - 2019-04-02 14:11 - 01857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-05-24 12:02 - 2019-04-02 10:21 - 02467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-05-24 12:02 - 2019-04-02 10:19 - 00786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-05-24 12:02 - 2019-04-02 07:05 - 01989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-05-24 12:02 - 2019-04-02 07:04 - 00604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-05-24 12:02 - 2019-03-14 16:52 - 03933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-05-24 12:02 - 2019-03-14 16:29 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-05-24 12:02 - 2019-03-14 16:08 - 03611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-05-24 12:02 - 2019-03-14 10:37 - 01171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:26 - 02421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-05-24 12:02 - 2019-03-14 10:26 - 01014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:22 - 02700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-05-24 12:02 - 2019-03-14 10:19 - 02969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-24 12:02 - 2019-03-14 10:17 - 02258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 02509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-05-24 12:02 - 2019-03-14 09:56 - 03392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 03601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 02739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 01058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-05-24 12:02 - 2019-03-14 09:50 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-05-24 12:01 - 2019-05-03 14:14 - 00790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-24 12:01 - 2019-05-03 14:13 - 00396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-24 12:01 - 2019-05-03 13:55 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-24 12:01 - 2019-05-03 13:54 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-24 12:01 - 2019-05-03 13:52 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-24 12:01 - 2019-05-03 13:50 - 04054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 01288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-24 12:01 - 2019-05-03 13:43 - 01027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-24 12:01 - 2019-05-03 13:25 - 04055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-24 12:01 - 2019-05-03 08:34 - 00159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 00709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 00134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-24 12:01 - 2019-05-03 08:33 - 00076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 00063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 00793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 00776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 00493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 00438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 00209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 00170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 00164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 01260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 01141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-24 12:01 - 2019-05-03 08:31 - 00983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 00545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-24 12:01 - 2019-05-03 08:31 - 00412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 00115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 00434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 00384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 00192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 00146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:19 - 00665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-24 12:01 - 2019-05-03 08:19 - 00056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-24 12:01 - 2019-05-03 07:59 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-24 12:01 - 2019-05-03 07:58 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-24 12:01 - 2019-05-03 07:58 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-24 12:01 - 2019-05-03 07:56 - 00773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:55 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-24 12:01 - 2019-05-03 07:54 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-24 12:01 - 2019-05-03 07:53 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-24 12:01 - 2019-05-03 06:38 - 00001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-24 12:01 - 2019-04-19 12:55 - 01634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-24 12:01 - 2019-04-19 12:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-24 12:01 - 2019-04-19 12:38 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-24 12:01 - 2019-04-19 12:36 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-24 12:01 - 2019-04-19 12:34 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-24 12:01 - 2019-04-19 07:06 - 00436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 07:06 - 00274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 00576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 00380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-24 12:01 - 2019-04-19 06:39 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 01938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 05:18 - 00806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-24 12:01 - 2019-04-19 05:18 - 00806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-24 12:01 - 2019-04-02 14:38 - 00094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-05-24 12:01 - 2019-04-02 14:18 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-05-24 12:01 - 2019-04-02 14:16 - 01030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-05-24 12:01 - 2019-04-02 14:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-05-24 12:01 - 2019-04-02 14:13 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-05-24 12:01 - 2019-04-02 14:10 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-05-24 12:01 - 2019-04-02 14:10 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-05-24 12:01 - 2019-04-02 11:07 - 01586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-05-24 12:01 - 2019-04-02 10:21 - 00735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 10:20 - 02719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-05-24 12:01 - 2019-04-02 09:48 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-05-24 12:01 - 2019-04-02 09:47 - 01214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-05-24 12:01 - 2019-04-02 09:45 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 01724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 07:04 - 00560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 06:40 - 01073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-05-24 12:01 - 2019-03-14 16:51 - 00157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-05-24 12:01 - 2019-03-14 16:35 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-05-24 12:01 - 2019-03-14 16:34 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-05-24 12:01 - 2019-03-14 16:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-05-24 12:01 - 2019-03-14 16:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-05-24 12:01 - 2019-03-14 16:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-05-24 12:01 - 2019-03-14 16:28 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-05-24 12:01 - 2019-03-14 15:53 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-05-24 12:01 - 2019-03-14 15:52 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-05-24 12:01 - 2019-03-14 10:57 - 00611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-05-24 12:01 - 2019-03-14 10:38 - 00090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:28 - 00152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-05-24 12:01 - 2019-03-14 10:27 - 00097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 00481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 00175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-05-24 12:01 - 2019-03-14 10:18 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 10:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 10:13 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-05-24 12:01 - 2019-03-14 09:57 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-05-24 12:01 - 2019-03-14 09:54 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-05-24 12:01 - 2019-03-14 09:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 00532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 09:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 09:50 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-05-24 12:00 - 2019-05-03 13:43 - 00662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-24 12:00 - 2019-05-03 13:30 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-24 12:00 - 2019-05-03 13:30 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-24 12:00 - 2019-05-03 13:28 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-24 12:00 - 2019-05-03 13:27 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-24 12:00 - 2019-05-03 13:26 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-24 12:00 - 2019-05-03 08:43 - 00177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-24 12:00 - 2019-05-03 08:31 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-24 12:00 - 2019-05-03 08:18 - 01130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 01307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-24 12:00 - 2019-04-23 09:13 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-23 08:14 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-19 12:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-24 12:00 - 2019-04-19 11:37 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-24 12:00 - 2019-04-19 11:30 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-24 12:00 - 2019-04-19 11:26 - 02405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-24 12:00 - 2019-04-19 11:25 - 00423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-24 12:00 - 2019-04-19 07:06 - 00713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 07:02 - 00831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-24 12:00 - 2019-04-19 07:01 - 00581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-24 12:00 - 2019-04-02 11:11 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-05-24 12:00 - 2019-04-02 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-05-24 12:00 - 2019-03-14 16:33 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-05-24 12:00 - 2019-03-14 15:56 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-05-24 12:00 - 2019-03-14 15:55 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-05-24 12:00 - 2019-03-14 15:53 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-05-24 12:00 - 2019-03-14 15:53 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-05-24 12:00 - 2019-03-14 10:56 - 00375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-24 12:00 - 2019-03-14 10:18 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-05-24 12:00 - 2019-03-14 10:14 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:00 - 2019-03-14 10:13 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-24 12:00 - 2019-03-14 09:50 - 01587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 03:57 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-05-23 23:43 - 2019-05-23 23:50 - 00049587 _____ C:\Users\bublinka\Desktop\Addition.txt
2019-05-23 23:37 - 2019-05-25 10:24 - 00026724 _____ C:\Users\bublinka\Desktop\FRST.txt
2019-05-23 23:22 - 2019-05-23 23:22 - 00000000 _____ C:\WINDOWS\invcol.tmp
2019-05-23 23:09 - 2019-05-23 23:10 - 00038560 _____ C:\Users\bublinka\Documents\cc_20190523_230954.reg
2019-05-23 22:11 - 2019-05-23 22:11 - 00002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 22:11 - 2019-05-23 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 21:52 - 2019-05-23 22:07 - 00033134 _____ C:\Users\bublinka\Downloads\Addition.txt
2019-05-23 21:38 - 2019-05-23 22:17 - 00036480 _____ C:\Users\bublinka\Downloads\FRST.txt
2019-05-23 21:36 - 2019-05-23 21:36 - 02435072 _____ (Farbar) C:\Users\bublinka\Downloads\FRST64.exe
2019-05-23 20:32 - 2019-05-23 20:36 - 00000000 ____D C:\Users\bublinka\Downloads\Lucinka
2019-05-23 20:23 - 2019-05-23 20:23 - 00020978 _____ C:\Users\bublinka\Downloads\[CzT]Lucinka_Pusinka_Logopedia_2015_SK_1080pHD_ (2).torrent
2019-05-23 18:55 - 2019-05-23 18:56 - 21116984 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 10:25 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\Registration
2019-05-25 10:24 - 2016-05-01 11:43 - 00000000 ____D C:\FRST
2019-05-25 10:23 - 2018-04-12 01:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-25 10:23 - 2015-08-27 00:32 - 00000000 __SHD C:\Users\bublinka\IntelGraphicsProfiles
2019-05-25 10:20 - 2018-10-30 07:24 - 00000000 ____D C:\Program Files\McAfee
2019-05-25 10:20 - 2018-06-04 19:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-25 10:20 - 2016-11-08 13:33 - 00000000 ____D C:\Program Files\Common Files\McAfee
2019-05-25 10:20 - 2014-11-01 19:43 - 00000000 ____D C:\ProgramData\McAfee
2019-05-25 10:19 - 2018-04-11 23:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-25 10:10 - 2018-06-04 18:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-24 23:17 - 2018-04-12 01:38 - 00000000 ___HD C:\Program Files\WindowsApps
2019-05-24 23:06 - 2018-06-04 18:54 - 01689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-24 23:06 - 2018-04-12 17:50 - 00705940 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-24 23:06 - 2018-04-12 17:50 - 00144404 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-24 23:06 - 2018-04-12 01:36 - 00000000 ____D C:\WINDOWS\INF
2019-05-24 22:59 - 2018-06-04 18:31 - 00485200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ___RD C:\Program Files\Windows Defender
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-05-24 22:52 - 2016-05-01 05:30 - 00000000 ____D C:\AdwCleaner
2019-05-24 13:35 - 2017-10-09 19:32 - 00000000 ____D C:\Users\bublinka\AppData\Local\ElevatedDiagnostics
2019-05-24 13:08 - 2015-07-15 11:35 - 00002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-24 13:08 - 2015-07-15 11:35 - 00002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-24 12:45 - 2018-07-19 12:01 - 00000000 ____D C:\Users\bublinka\AppData\Roaming\vlc
2019-05-24 12:04 - 2018-04-12 01:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-05-24 11:39 - 2018-07-18 21:37 - 00001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-05-24 08:40 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-05-24 00:21 - 2015-07-22 09:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2019-05-24 00:09 - 2015-07-22 09:20 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-23 23:24 - 2018-11-17 20:06 - 00000000 ____D C:\Program Files\rempl
2019-05-23 23:17 - 2016-11-08 13:33 - 00000000 ____D C:\Program Files (x86)\McAfee
2019-05-23 23:13 - 2018-06-04 18:40 - 00000000 ____D C:\Users\bublinka
2019-05-23 23:07 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-23 23:03 - 2016-05-03 16:41 - 00000000 ____D C:\Users\bublinka\AppData\Roaming\uTorrent
2019-05-23 22:37 - 2014-11-01 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-23 22:24 - 2018-04-12 01:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-23 20:59 - 2017-12-18 04:43 - 00000000 ____D C:\Users\bublinka\AppData\Local\Packages
2019-05-23 20:20 - 2016-04-14 15:09 - 00015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-05-23 19:00 - 2014-11-01 19:41 - 00000000 ____D C:\ProgramData\PCDr
2019-05-23 18:59 - 2018-06-04 19:11 - 00003456 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-23 18:59 - 2018-06-04 19:11 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-23 18:56 - 2018-06-04 19:11 - 00004610 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-23 18:56 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-23 18:55 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 15:24 - 2014-11-01 19:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-05-13 15:19 - 2017-07-10 15:06 - 00000000 ____D C:\ProgramData\SupportAssist
2019-05-04 01:53 - 2019-02-17 10:00 - 00835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2019-02-17 10:00 - 00179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-28 00:12 - 2018-06-04 19:11 - 00004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2017-06-02 00:36 - 2017-06-02 00:36 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\bublinka\AppData\Local\Temp\vlc-3.0.6-win32.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-04 18:31
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-04-2016
Ran by bublinka (2019-05-23 23:43:37)
Running from C:\Users\bublinka\Desktop
Windows 10 Home Version 1803 (X64) (2018-06-04 17:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-242124988-2545093545-445695849-500 - Administrator - Disabled)
bublinka (S-1-5-21-242124988-2545093545-445695849-1001 - Administrator - Enabled) => C:\Users\bublinka
DefaultAccount (S-1-5-21-242124988-2545093545-445695849-503 - Limited - Disabled)
Guest (S-1-5-21-242124988-2545093545-445695849-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-242124988-2545093545-445695849-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-242124988-2545093545-445695849-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0006 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Project Professional 2016 - sk-sk (HKLM\...\ProjectProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - sk-sk (HKLM\...\VisioProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Meno vašej spoločnosti)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {01EC02E2-C2FA-428D-86BC-9D2ED37C0E19} - System32\Tasks\{99D82FB3-2385-4717-B8F4-9088690B7994} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.104/sk/go/help.faq.installer?LastError=1603
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05E14797-9C69-4044-9D9F-FD9E85FCB31D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-28] (Adobe)
Task: {09928EDD-8282-4D2A-8DD3-8FF4A7F31EB4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [2019-05-23] (Adobe)
Task: {0A02C7EF-953D-4375-8695-251FA52A6C70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-05-20] (Microsoft Corporation)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {15F6E1FB-C795-48D3-B776-BF3ACB72A272} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1D50DE34-EC88-4E20-BEFC-D39477A96CEA} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {1F8E7195-E1DF-4F2F-8CE4-CB57EFDC7422} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-02-09] (Piriform Software Ltd)
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-04] (Microsoft Corporation)
Task: {2631B695-B48B-4E0C-AECF-4D936E22D671} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2019-04-10] (Dell Inc.)
Task: {28F8D7DF-EB44-4C61-A20B-AF2BEF0BBF3E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-05-23] (Microsoft Corporation)
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-02-16] (Microsoft Corporation)
Task: {2B8C98EC-1B42-437C-A517-1A31A71F1789} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-05-23] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2F9ADD-000F-4459-B074-DB62A7324E8D} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3BD6E422-FB19-48CD-A568-7E535F85B9E8} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {582FC1AC-F302-46B4-A283-5462926E5AB5} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B55775-10A6-47EB-97F8-4E8CEC576235} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-05-23] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-04] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {79CA8FC1-01E5-4E56-BF5C-01A81F37C43E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-05-23] (Microsoft Corporation)
Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C145D48-7B72-4F20-BB0F-295358D64475} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-05-20] (Microsoft Corporation)
Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {83A83211-ACB0-4A1D-8987-72CA75E4BFD4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-12-19] (Synaptics Incorporated)
Task: {89D7F92C-2599-494E-B7C9-72ECAAAF4AB7} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-05-11] (Microsoft Corporation)
Task: {8C9C9D81-3770-4016-865E-B3C8E72EB828} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-16] (Realtek Semiconductor)
Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8DAC8040-1E5E-4D55-B3B0-DFD9D5E21F16} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-03-20] (DELL)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {97842C3A-73DD-4B5B-A696-BA06851DAA5C} - System32\Tasks\{3C880F33-978C-47A1-B02C-B2658B44DB11} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.104/sk/abandoninstall?page=tsProgressBar
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)
Task: {9AF63E86-014A-4341-AEAB-DCB9E7B453D7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-05-23] (Microsoft Corporation)
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {AA5E519C-6234-454E-BAB7-E294E91CF45E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242124988-2545093545-445695849-1001 => C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B27B93AE-52E3-4464-BA13-67402C269B4E} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B9D261F9-B457-487D-9012-F970DABA77B7} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {BA2025F6-AB93-4EA6-8F10-AB3F0CF026B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {BE8BA67A-1CC9-4255-A9B4-72015F5E3967} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-04] (Microsoft Corporation)
Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2016-03-30] ()
Task: {CD7E9DFE-9FC4-47BD-9BAF-EBB480DC6444} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D65B4809-0CC1-46F2-B373-465C46C62D5E} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)
Task: {E5329163-FEE5-4C81-906A-41B97007DFB5} - System32\Tasks\{16BA0183-5E65-4F34-BF82-DD904AA5727A} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.151/sk/abandoninstall?page=tsMain
Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E9509E7E-053D-404A-B8D7-47C47BDC88F9} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-12-02] (McAfee, Inc.)
Task: {EA415426-12E9-46BA-911C-4CA3B4CD643F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-09] (Piriform Software Ltd)
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-02-16] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FF9A60C0-46F6-4B0C-A400-4BCB4DC48F0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-05-23] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\bublinka\Documents\ROBOTA - disk\HARTLOVÁ\Nagyová plocha\plocha\Passport mostov.lnk -> C:\Users\nagyova.slavka\Documents\passport.bat (No File)
==================== Loaded Modules (Whitelisted) ==============
2007-03-23 17:36 - 2007-03-23 17:36 - 00022016 _____ () C:\WINDOWS\System32\xrxs1l6.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 09:01 - 2018-11-09 04:17 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2019-05-13 15:27 - 2019-05-13 15:27 - 02587976 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\libprotobuf.dll
2018-11-12 13:46 - 2018-11-12 13:46 - 00035976 _____ () C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-03-16 21:23 - 2019-03-06 10:30 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-24 08:39 - 2018-10-24 08:42 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-05-23 21:04 - 2019-05-23 21:07 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-05-23 21:04 - 2019-05-23 21:07 - 00182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-04-07 09:13 - 2019-04-07 09:14 - 26138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-04-07 09:13 - 2019-04-07 09:14 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-07 15:39 - 2017-12-07 15:40 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 21:47 - 2018-12-01 21:49 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-04-07 09:13 - 2019-04-07 09:14 - 05709824 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-04-07 09:13 - 2019-04-07 09:14 - 08948224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-05-23 21:04 - 2019-05-23 21:11 - 00481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-05-23 21:04 - 2019-05-23 21:07 - 81356800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-05-23 21:04 - 2019-05-23 21:13 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-10-07 11:12 - 2017-10-07 11:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-05-23 21:04 - 2019-05-23 21:11 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-05-23 21:04 - 2019-05-23 21:12 - 13491200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-05-23 21:04 - 2019-05-23 21:08 - 02867712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-23 21:04 - 2019-05-23 21:13 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-05-23 21:04 - 2019-05-23 21:10 - 00120320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2018-12-12 08:32 - 2018-12-12 08:33 - 04380232 _____ () C:\Program Files\WindowsApps\Microsoft.UI.Xaml.2.0_2.1810.18004.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2016-11-08 14:41 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\StartupFolder: => "LibreOffice 4.4.lnk"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{4F2C7FE1-3B3D-4BDF-AB39-DF5189F08DF0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{27B83E37-FF87-4062-8121-D9451252609C}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1A14C6EA-E98A-4328-8027-8427B35CF961}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{36C9F198-EA04-41CA-B685-F0AEFDDCA9F7}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{FB28A465-F4FE-4C8B-B20D-6F18725EBBE9}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8372DFC7-4547-42E3-BF8B-801B275DE631}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9FBFECBD-CD65-43DF-9EBA-0B00566CD932}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C6DD7A78-2FB1-4BFD-9213-4AF4057D920D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{D74BFF13-6A6E-458E-A51B-7890A8F20994}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{24B4AAEE-81F7-4DE5-B113-BBCFDC843B58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{717D9DB2-8175-4DD9-B822-060ECF582DBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{20101127-35CF-4431-877A-B1470F9FFBA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{38C74F7E-8F7B-47C3-9A90-49BB21A2CC8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Restore Points =========================
07-04-2019 09:00:24 Windows Update
23-05-2019 22:25:04 Removed Skype™ 7.36
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/23/2019 11:32:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (05/23/2019 11:29:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x21fc
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (05/23/2019 11:17:54 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentNullException: Hodnota nemůže být NULL.
v System.Threading.Monitor.Enter(Object obj)
v McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
Error: (05/23/2019 11:06:45 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (10576,G,0) An attempt to open the file "C:\Users\bublinka\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (05/23/2019 11:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.17134.285, časová značka: 0x40f0d4bd
Kód výnimky: 0xc000041d
Odstup chyby: 0x000063d7
Identifikácia chybujúceho procesu: 0xd98
Čas spustenia chybujúcej aplikácie: 0xutorrent.exe0
Cesta chybujúcej aplikácie: utorrent.exe1
Cesta chybujúceho modulu: utorrent.exe2
Identifikácia hlásenia: utorrent.exe3
Celé meno chybujúceho balíka: utorrent.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: utorrent.exe5
Error: (05/23/2019 10:44:25 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search sa zastavuje, pretože sa vyskytol problém s indexovaním, Nezdařila se fáze obnovení..
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Vypínání indexovacího modulu (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/23/2019 10:44:25 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: V štádiu obnovovania služby Windows Search sa vyskytla chyba, jej ID je 1. Znova spustite službu. Ak táto chyba pretrváva, znova vytvorte index.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Vypínání indexovacího modulu (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/13/2019 03:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x1490
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (05/13/2019 03:10:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cd3cb
Identifikácia chybujúceho procesu: 0x2078
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (04/07/2019 05:59:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cd3cb
Identifikácia chybujúceho procesu: 0x2e00
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
System errors:
=============
Error: (05/23/2019 11:40:23 PM) (Source: DCOM) (EventID: 10016) (User: PRISERKA)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}PRISERKAbublinkaS-1-5-21-242124988-2545093545-445695849-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:29:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Data Vault Collector sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (05/23/2019 11:21:06 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/23/2019 11:17:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:17:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:17:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/13/2019 03:44:23 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Nasledujúca služba sa opakovane zastavila pri reakcii na požiadavky riadenia služieb: Služba platformy připojených zařízení
Informujte sa u dodávateľa služby alebo správcu systému, kde možno túto službu vypnúť, kým sa nezistí problém.
Pred vypnutím služby možno budete musieť reštartovať počítač v bezpečnom režime.
CodeIntegrity:
===================================
Date: 2018-10-27 12:43:22.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-27 12:43:22.387
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.786
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.440
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:43.637
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:09.345
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:07.547
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:16:58.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 72%
Total physical RAM: 3978.2 MB
Available physical RAM: 1099.77 MB
Total Virtual: 6282.2 MB
Available Virtual: 2813.09 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.3 GB) (Free:186.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BD0D5174)
Partition: GPT.
==================== End of Addition.txt ============================
tu su logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-04-2016
Ran by bublinka (administrator) on PRISERKA (25-05-2019 10:24:33)
Running from C:\Users\bublinka\Desktop
Loaded Profiles: bublinka (Available Profiles: bublinka)
Platform: Windows 10 Home Version 1803 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Failed to access process -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Aviata Inc) C:\Program Files (x86)\Dell Product Registration\prodreg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\sc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-16] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [177928 2019-05-23] (ESET)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-09] (Piriform Software Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
Startup: C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.4.lnk [2015-07-28]
ShortcutTarget: LibreOffice 4.4.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd794d0d-69ce-4331-904a-620bfdcb01a5}: [DhcpNameServer] 172.9.1.171
Tcpip\..\Interfaces\{ea9e03d6-90a3-4096-a6fe-177ca5b373b5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE13&ocid=UE13DHP
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-23] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-23]
CHR Extension: (IE Tab) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-28] (Adobe)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2019-05-03] (Microsoft Corporation)
S3 BcastDVRUserService_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 BcastDVRUserService_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453632 2018-10-21] (Microsoft Corporation)
R2 CDPUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 CDPUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-05-20] (Microsoft Corporation)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
S2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-05-13] (PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] ()
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 DevicePickerUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 DevicesFlowUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2359312 2019-05-23] (ESET)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe [1267696 2019-05-21] (Google Inc.)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-11-09] (Microsoft Corporation)
S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-11-09] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-03-20] (CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-16] (Realtek Semiconductor)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
S2 sedsvc; C:\Program Files\rempl\sedsvc.exe [362296 2019-05-11] (Microsoft Corporation)
S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2011848 2018-03-20] (Rivet Networks)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2019-01-09] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2019-01-09] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-04] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation)
R2 WpnUserService_78829; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 WpnUserService_78829; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-03-14] (Microsoft Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [40824 2019-02-27] (Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-04-02] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188240 2019-04-02] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-04-02] (ESET)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2019-05-03] (Microsoft Corporation)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-09] (Malwarebytes)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-08-13] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R2 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks, LLC.)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2018-10-21] (Microsoft Corporation)
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 10:12 - 2019-05-25 10:20 - 00000000 ____D C:\ProgramData\McInstTemp0138921558771945
2019-05-24 22:49 - 2019-05-24 22:50 - 07025360 _____ (Malwarebytes) C:\Users\bublinka\Desktop\adwcleaner_7.3.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 09084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 07519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:18 - 06569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:12 - 25855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:10 - 22017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:05 - 22716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-24 12:03 - 2019-05-03 07:56 - 05350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-24 12:03 - 2019-05-03 07:54 - 04929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-24 12:02 - 2019-05-03 14:13 - 01376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-24 12:02 - 2019-05-03 13:51 - 03613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:51 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-24 12:02 - 2019-05-03 13:50 - 01663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 13:28 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:25 - 01471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 08:36 - 01035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 05625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-24 12:02 - 2019-05-03 08:33 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-24 12:02 - 2019-05-03 08:31 - 07436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 02811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-24 12:02 - 2019-05-03 08:31 - 02771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 01459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-24 12:02 - 2019-05-03 08:19 - 06043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:18 - 02258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 19401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 04866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-24 12:02 - 2019-05-03 08:01 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 07593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 05788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 03710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-24 12:02 - 2019-05-03 07:56 - 01803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 03090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-24 12:02 - 2019-04-19 12:54 - 00720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-24 12:02 - 2019-04-19 12:39 - 12754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-24 12:02 - 2019-04-19 11:44 - 01454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-24 12:02 - 2019-04-19 11:28 - 11940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-24 12:02 - 2019-04-19 07:07 - 00985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-24 12:02 - 2019-04-19 07:06 - 02571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 07:06 - 00798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-24 12:02 - 2019-04-19 07:01 - 01982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 06:43 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-24 12:02 - 2019-04-19 06:42 - 04384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-24 12:02 - 2019-04-19 06:38 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-24 12:02 - 2019-04-19 06:36 - 02909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 01458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 01175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-24 12:02 - 2019-04-09 03:48 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-24 12:02 - 2019-04-02 14:11 - 01857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-05-24 12:02 - 2019-04-02 10:21 - 02467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-05-24 12:02 - 2019-04-02 10:19 - 00786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-05-24 12:02 - 2019-04-02 07:05 - 01989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-05-24 12:02 - 2019-04-02 07:04 - 00604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-05-24 12:02 - 2019-03-14 16:52 - 03933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-05-24 12:02 - 2019-03-14 16:29 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-05-24 12:02 - 2019-03-14 16:08 - 03611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-05-24 12:02 - 2019-03-14 10:37 - 01171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:26 - 02421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-05-24 12:02 - 2019-03-14 10:26 - 01014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:22 - 02700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-05-24 12:02 - 2019-03-14 10:19 - 02969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-24 12:02 - 2019-03-14 10:17 - 02258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 02509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-05-24 12:02 - 2019-03-14 09:56 - 03392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 03601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 02739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 01058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-05-24 12:02 - 2019-03-14 09:50 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-05-24 12:01 - 2019-05-03 14:14 - 00790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-24 12:01 - 2019-05-03 14:13 - 00396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-24 12:01 - 2019-05-03 13:55 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-24 12:01 - 2019-05-03 13:54 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-24 12:01 - 2019-05-03 13:52 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-24 12:01 - 2019-05-03 13:50 - 04054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 01288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-24 12:01 - 2019-05-03 13:43 - 01027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-24 12:01 - 2019-05-03 13:25 - 04055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-24 12:01 - 2019-05-03 08:34 - 00159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 00709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 00134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-24 12:01 - 2019-05-03 08:33 - 00076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 00063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 00793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 00776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 00493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 00438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 00209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 00170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 00164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 01260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 01141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-24 12:01 - 2019-05-03 08:31 - 00983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 00545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-24 12:01 - 2019-05-03 08:31 - 00412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 00115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 00434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 00384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 00192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 00146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:19 - 00665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-24 12:01 - 2019-05-03 08:19 - 00056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-24 12:01 - 2019-05-03 07:59 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-24 12:01 - 2019-05-03 07:58 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-24 12:01 - 2019-05-03 07:58 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-24 12:01 - 2019-05-03 07:56 - 00773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:55 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-24 12:01 - 2019-05-03 07:54 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-24 12:01 - 2019-05-03 07:53 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-24 12:01 - 2019-05-03 06:38 - 00001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-24 12:01 - 2019-04-19 12:55 - 01634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-24 12:01 - 2019-04-19 12:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-24 12:01 - 2019-04-19 12:38 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-24 12:01 - 2019-04-19 12:36 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-24 12:01 - 2019-04-19 12:34 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-24 12:01 - 2019-04-19 07:06 - 00436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 07:06 - 00274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 00576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 00380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-24 12:01 - 2019-04-19 06:39 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 01938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 05:18 - 00806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-24 12:01 - 2019-04-19 05:18 - 00806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-24 12:01 - 2019-04-02 14:38 - 00094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-05-24 12:01 - 2019-04-02 14:18 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-05-24 12:01 - 2019-04-02 14:16 - 01030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-05-24 12:01 - 2019-04-02 14:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-05-24 12:01 - 2019-04-02 14:13 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-05-24 12:01 - 2019-04-02 14:10 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-05-24 12:01 - 2019-04-02 14:10 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-05-24 12:01 - 2019-04-02 11:07 - 01586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-05-24 12:01 - 2019-04-02 10:21 - 00735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 10:20 - 02719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-05-24 12:01 - 2019-04-02 09:48 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-05-24 12:01 - 2019-04-02 09:47 - 01214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-05-24 12:01 - 2019-04-02 09:45 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 01724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 07:04 - 00560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 06:40 - 01073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-05-24 12:01 - 2019-03-14 16:51 - 00157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-05-24 12:01 - 2019-03-14 16:35 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-05-24 12:01 - 2019-03-14 16:34 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-05-24 12:01 - 2019-03-14 16:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-05-24 12:01 - 2019-03-14 16:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-05-24 12:01 - 2019-03-14 16:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-05-24 12:01 - 2019-03-14 16:28 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-05-24 12:01 - 2019-03-14 15:53 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-05-24 12:01 - 2019-03-14 15:52 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-05-24 12:01 - 2019-03-14 10:57 - 00611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-05-24 12:01 - 2019-03-14 10:38 - 00090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:28 - 00152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-05-24 12:01 - 2019-03-14 10:27 - 00097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 00481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 00175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-05-24 12:01 - 2019-03-14 10:18 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 10:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 10:13 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-05-24 12:01 - 2019-03-14 09:57 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-05-24 12:01 - 2019-03-14 09:54 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-05-24 12:01 - 2019-03-14 09:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 00532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 09:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 09:50 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-05-24 12:00 - 2019-05-03 13:43 - 00662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-24 12:00 - 2019-05-03 13:30 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-24 12:00 - 2019-05-03 13:30 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-24 12:00 - 2019-05-03 13:28 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-24 12:00 - 2019-05-03 13:27 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-24 12:00 - 2019-05-03 13:26 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-24 12:00 - 2019-05-03 08:43 - 00177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-24 12:00 - 2019-05-03 08:31 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-24 12:00 - 2019-05-03 08:18 - 01130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 01307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-24 12:00 - 2019-04-23 09:13 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-23 08:14 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-19 12:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-24 12:00 - 2019-04-19 11:37 - 00607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-24 12:00 - 2019-04-19 11:30 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-24 12:00 - 2019-04-19 11:26 - 02405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-24 12:00 - 2019-04-19 11:25 - 00423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-24 12:00 - 2019-04-19 07:06 - 00713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 07:02 - 00831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-24 12:00 - 2019-04-19 07:01 - 00581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-24 12:00 - 2019-04-02 11:11 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-05-24 12:00 - 2019-04-02 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-05-24 12:00 - 2019-03-14 16:33 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-05-24 12:00 - 2019-03-14 15:56 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-05-24 12:00 - 2019-03-14 15:55 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-05-24 12:00 - 2019-03-14 15:53 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-05-24 12:00 - 2019-03-14 15:53 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-05-24 12:00 - 2019-03-14 10:56 - 00375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-24 12:00 - 2019-03-14 10:18 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-05-24 12:00 - 2019-03-14 10:14 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:00 - 2019-03-14 10:13 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-24 12:00 - 2019-03-14 09:50 - 01587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 03:57 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-05-23 23:43 - 2019-05-23 23:50 - 00049587 _____ C:\Users\bublinka\Desktop\Addition.txt
2019-05-23 23:37 - 2019-05-25 10:24 - 00026724 _____ C:\Users\bublinka\Desktop\FRST.txt
2019-05-23 23:22 - 2019-05-23 23:22 - 00000000 _____ C:\WINDOWS\invcol.tmp
2019-05-23 23:09 - 2019-05-23 23:10 - 00038560 _____ C:\Users\bublinka\Documents\cc_20190523_230954.reg
2019-05-23 22:11 - 2019-05-23 22:11 - 00002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 22:11 - 2019-05-23 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 21:52 - 2019-05-23 22:07 - 00033134 _____ C:\Users\bublinka\Downloads\Addition.txt
2019-05-23 21:38 - 2019-05-23 22:17 - 00036480 _____ C:\Users\bublinka\Downloads\FRST.txt
2019-05-23 21:36 - 2019-05-23 21:36 - 02435072 _____ (Farbar) C:\Users\bublinka\Downloads\FRST64.exe
2019-05-23 20:32 - 2019-05-23 20:36 - 00000000 ____D C:\Users\bublinka\Downloads\Lucinka
2019-05-23 20:23 - 2019-05-23 20:23 - 00020978 _____ C:\Users\bublinka\Downloads\[CzT]Lucinka_Pusinka_Logopedia_2015_SK_1080pHD_ (2).torrent
2019-05-23 18:55 - 2019-05-23 18:56 - 21116984 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 10:25 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\Registration
2019-05-25 10:24 - 2016-05-01 11:43 - 00000000 ____D C:\FRST
2019-05-25 10:23 - 2018-04-12 01:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-25 10:23 - 2015-08-27 00:32 - 00000000 __SHD C:\Users\bublinka\IntelGraphicsProfiles
2019-05-25 10:20 - 2018-10-30 07:24 - 00000000 ____D C:\Program Files\McAfee
2019-05-25 10:20 - 2018-06-04 19:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-25 10:20 - 2016-11-08 13:33 - 00000000 ____D C:\Program Files\Common Files\McAfee
2019-05-25 10:20 - 2014-11-01 19:43 - 00000000 ____D C:\ProgramData\McAfee
2019-05-25 10:19 - 2018-04-11 23:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-25 10:10 - 2018-06-04 18:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-24 23:17 - 2018-04-12 01:38 - 00000000 ___HD C:\Program Files\WindowsApps
2019-05-24 23:06 - 2018-06-04 18:54 - 01689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-24 23:06 - 2018-04-12 17:50 - 00705940 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-24 23:06 - 2018-04-12 17:50 - 00144404 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-24 23:06 - 2018-04-12 01:36 - 00000000 ____D C:\WINDOWS\INF
2019-05-24 22:59 - 2018-06-04 18:31 - 00485200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-05-24 22:54 - 2018-04-12 17:51 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ___RD C:\Program Files\Windows Defender
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-05-24 22:54 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-05-24 22:52 - 2016-05-01 05:30 - 00000000 ____D C:\AdwCleaner
2019-05-24 13:35 - 2017-10-09 19:32 - 00000000 ____D C:\Users\bublinka\AppData\Local\ElevatedDiagnostics
2019-05-24 13:08 - 2015-07-15 11:35 - 00002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-24 13:08 - 2015-07-15 11:35 - 00002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-24 12:45 - 2018-07-19 12:01 - 00000000 ____D C:\Users\bublinka\AppData\Roaming\vlc
2019-05-24 12:04 - 2018-04-12 01:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-05-24 11:39 - 2018-07-18 21:37 - 00001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-05-24 08:40 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-05-24 00:21 - 2015-07-22 09:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2019-05-24 00:09 - 2015-07-22 09:20 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-23 23:24 - 2018-11-17 20:06 - 00000000 ____D C:\Program Files\rempl
2019-05-23 23:17 - 2016-11-08 13:33 - 00000000 ____D C:\Program Files (x86)\McAfee
2019-05-23 23:13 - 2018-06-04 18:40 - 00000000 ____D C:\Users\bublinka
2019-05-23 23:07 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-23 23:03 - 2016-05-03 16:41 - 00000000 ____D C:\Users\bublinka\AppData\Roaming\uTorrent
2019-05-23 22:37 - 2014-11-01 19:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-23 22:24 - 2018-04-12 01:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-23 20:59 - 2017-12-18 04:43 - 00000000 ____D C:\Users\bublinka\AppData\Local\Packages
2019-05-23 20:20 - 2016-04-14 15:09 - 00015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-05-23 19:00 - 2014-11-01 19:41 - 00000000 ____D C:\ProgramData\PCDr
2019-05-23 18:59 - 2018-06-04 19:11 - 00003456 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-23 18:59 - 2018-06-04 19:11 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-23 18:56 - 2018-06-04 19:11 - 00004610 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-23 18:56 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-23 18:55 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 15:24 - 2014-11-01 19:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-05-13 15:19 - 2017-07-10 15:06 - 00000000 ____D C:\ProgramData\SupportAssist
2019-05-04 01:53 - 2019-02-17 10:00 - 00835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2019-02-17 10:00 - 00179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-28 00:12 - 2018-06-04 19:11 - 00004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2017-06-02 00:36 - 2017-06-02 00:36 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\bublinka\AppData\Local\Temp\vlc-3.0.6-win32.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-04 18:31
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-04-2016
Ran by bublinka (2019-05-23 23:43:37)
Running from C:\Users\bublinka\Desktop
Windows 10 Home Version 1803 (X64) (2018-06-04 17:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-242124988-2545093545-445695849-500 - Administrator - Disabled)
bublinka (S-1-5-21-242124988-2545093545-445695849-1001 - Administrator - Enabled) => C:\Users\bublinka
DefaultAccount (S-1-5-21-242124988-2545093545-445695849-503 - Limited - Disabled)
Guest (S-1-5-21-242124988-2545093545-445695849-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-242124988-2545093545-445695849-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-242124988-2545093545-445695849-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0006 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Project Professional 2016 - sk-sk (HKLM\...\ProjectProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - sk-sk (HKLM\...\VisioProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Meno vašej spoločnosti)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\19.033.0218.0006\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {01EC02E2-C2FA-428D-86BC-9D2ED37C0E19} - System32\Tasks\{99D82FB3-2385-4717-B8F4-9088690B7994} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.104/sk/go/help.faq.installer?LastError=1603
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05E14797-9C69-4044-9D9F-FD9E85FCB31D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-28] (Adobe)
Task: {09928EDD-8282-4D2A-8DD3-8FF4A7F31EB4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [2019-05-23] (Adobe)
Task: {0A02C7EF-953D-4375-8695-251FA52A6C70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-05-20] (Microsoft Corporation)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {15F6E1FB-C795-48D3-B776-BF3ACB72A272} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1D50DE34-EC88-4E20-BEFC-D39477A96CEA} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {1F8E7195-E1DF-4F2F-8CE4-CB57EFDC7422} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-02-09] (Piriform Software Ltd)
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-04] (Microsoft Corporation)
Task: {2631B695-B48B-4E0C-AECF-4D936E22D671} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2019-04-10] (Dell Inc.)
Task: {28F8D7DF-EB44-4C61-A20B-AF2BEF0BBF3E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-05-23] (Microsoft Corporation)
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-02-16] (Microsoft Corporation)
Task: {2B8C98EC-1B42-437C-A517-1A31A71F1789} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-05-23] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2F9ADD-000F-4459-B074-DB62A7324E8D} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3BD6E422-FB19-48CD-A568-7E535F85B9E8} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {582FC1AC-F302-46B4-A283-5462926E5AB5} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B55775-10A6-47EB-97F8-4E8CEC576235} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-05-23] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-04] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {79CA8FC1-01E5-4E56-BF5C-01A81F37C43E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-05-23] (Microsoft Corporation)
Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C145D48-7B72-4F20-BB0F-295358D64475} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-05-20] (Microsoft Corporation)
Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {83A83211-ACB0-4A1D-8987-72CA75E4BFD4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-12-19] (Synaptics Incorporated)
Task: {89D7F92C-2599-494E-B7C9-72ECAAAF4AB7} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-05-11] (Microsoft Corporation)
Task: {8C9C9D81-3770-4016-865E-B3C8E72EB828} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-16] (Realtek Semiconductor)
Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8DAC8040-1E5E-4D55-B3B0-DFD9D5E21F16} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-03-20] (DELL)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {97842C3A-73DD-4B5B-A696-BA06851DAA5C} - System32\Tasks\{3C880F33-978C-47A1-B02C-B2658B44DB11} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.104/sk/abandoninstall?page=tsProgressBar
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)
Task: {9AF63E86-014A-4341-AEAB-DCB9E7B453D7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-05-23] (Microsoft Corporation)
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {AA5E519C-6234-454E-BAB7-E294E91CF45E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242124988-2545093545-445695849-1001 => C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B27B93AE-52E3-4464-BA13-67402C269B4E} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B9D261F9-B457-487D-9012-F970DABA77B7} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {BA2025F6-AB93-4EA6-8F10-AB3F0CF026B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {BE8BA67A-1CC9-4255-A9B4-72015F5E3967} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-04] (Microsoft Corporation)
Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2016-03-30] ()
Task: {CD7E9DFE-9FC4-47BD-9BAF-EBB480DC6444} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D65B4809-0CC1-46F2-B373-465C46C62D5E} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)
Task: {E5329163-FEE5-4C81-906A-41B97007DFB5} - System32\Tasks\{16BA0183-5E65-4F34-BF82-DD904AA5727A} => Chrome.exe hxxps://ui.skype.com/ui/0/7.40.0.151/sk/abandoninstall?page=tsMain
Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E9509E7E-053D-404A-B8D7-47C47BDC88F9} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-12-02] (McAfee, Inc.)
Task: {EA415426-12E9-46BA-911C-4CA3B4CD643F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-09] (Piriform Software Ltd)
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-02-16] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FF9A60C0-46F6-4B0C-A400-4BCB4DC48F0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-05-23] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\bublinka\Documents\ROBOTA - disk\HARTLOVÁ\Nagyová plocha\plocha\Passport mostov.lnk -> C:\Users\nagyova.slavka\Documents\passport.bat (No File)
==================== Loaded Modules (Whitelisted) ==============
2007-03-23 17:36 - 2007-03-23 17:36 - 00022016 _____ () C:\WINDOWS\System32\xrxs1l6.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 09:01 - 2018-11-09 04:17 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2019-05-13 15:27 - 2019-05-13 15:27 - 02587976 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\libprotobuf.dll
2018-11-12 13:46 - 2018-11-12 13:46 - 00035976 _____ () C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-03-16 21:23 - 2019-03-06 10:30 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-24 08:39 - 2018-10-24 08:42 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-05-23 21:04 - 2019-05-23 21:07 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-05-23 21:04 - 2019-05-23 21:07 - 00182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-04-07 09:13 - 2019-04-07 09:14 - 26138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-04-07 09:13 - 2019-04-07 09:14 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-07 15:39 - 2017-12-07 15:40 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 21:47 - 2018-12-01 21:49 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-04-07 09:13 - 2019-04-07 09:14 - 05709824 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-04-07 09:13 - 2019-04-07 09:14 - 08948224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-05-23 21:04 - 2019-05-23 21:11 - 00481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-05-23 21:04 - 2019-05-23 21:07 - 81356800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-05-23 21:04 - 2019-05-23 21:13 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-10-07 11:12 - 2017-10-07 11:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-05-23 21:04 - 2019-05-23 21:11 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-05-23 21:04 - 2019-05-23 21:12 - 13491200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-05-23 21:04 - 2019-05-23 21:08 - 02867712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-23 21:04 - 2019-05-23 21:13 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-05-23 21:04 - 2019-05-23 21:10 - 00120320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2018-12-12 08:32 - 2018-12-12 08:33 - 04380232 _____ () C:\Program Files\WindowsApps\Microsoft.UI.Xaml.2.0_2.1810.18004.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2016-11-08 14:41 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\StartupFolder: => "LibreOffice 4.4.lnk"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{4F2C7FE1-3B3D-4BDF-AB39-DF5189F08DF0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{27B83E37-FF87-4062-8121-D9451252609C}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1A14C6EA-E98A-4328-8027-8427B35CF961}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{36C9F198-EA04-41CA-B685-F0AEFDDCA9F7}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{FB28A465-F4FE-4C8B-B20D-6F18725EBBE9}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8372DFC7-4547-42E3-BF8B-801B275DE631}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9FBFECBD-CD65-43DF-9EBA-0B00566CD932}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C6DD7A78-2FB1-4BFD-9213-4AF4057D920D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{D74BFF13-6A6E-458E-A51B-7890A8F20994}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{24B4AAEE-81F7-4DE5-B113-BBCFDC843B58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{717D9DB2-8175-4DD9-B822-060ECF582DBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{20101127-35CF-4431-877A-B1470F9FFBA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{38C74F7E-8F7B-47C3-9A90-49BB21A2CC8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Restore Points =========================
07-04-2019 09:00:24 Windows Update
23-05-2019 22:25:04 Removed Skype™ 7.36
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/23/2019 11:32:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (05/23/2019 11:29:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x21fc
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (05/23/2019 11:17:54 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentNullException: Hodnota nemůže být NULL.
v System.Threading.Monitor.Enter(Object obj)
v McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
Error: (05/23/2019 11:06:45 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (10576,G,0) An attempt to open the file "C:\Users\bublinka\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (05/23/2019 11:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.17134.285, časová značka: 0x40f0d4bd
Kód výnimky: 0xc000041d
Odstup chyby: 0x000063d7
Identifikácia chybujúceho procesu: 0xd98
Čas spustenia chybujúcej aplikácie: 0xutorrent.exe0
Cesta chybujúcej aplikácie: utorrent.exe1
Cesta chybujúceho modulu: utorrent.exe2
Identifikácia hlásenia: utorrent.exe3
Celé meno chybujúceho balíka: utorrent.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: utorrent.exe5
Error: (05/23/2019 10:44:25 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search sa zastavuje, pretože sa vyskytol problém s indexovaním, Nezdařila se fáze obnovení..
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Vypínání indexovacího modulu (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/23/2019 10:44:25 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: V štádiu obnovovania služby Windows Search sa vyskytla chyba, jej ID je 1. Znova spustite službu. Ak táto chyba pretrváva, znova vytvorte index.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Vypínání indexovacího modulu (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/13/2019 03:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x1490
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (05/13/2019 03:10:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cd3cb
Identifikácia chybujúceho procesu: 0x2078
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
Error: (04/07/2019 05:59:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.7.93, časová značka: 0x5bce2506
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cd3cb
Identifikácia chybujúceho procesu: 0x2e00
Čas spustenia chybujúcej aplikácie: 0xDDVDataCollector.exe0
Cesta chybujúcej aplikácie: DDVDataCollector.exe1
Cesta chybujúceho modulu: DDVDataCollector.exe2
Identifikácia hlásenia: DDVDataCollector.exe3
Celé meno chybujúceho balíka: DDVDataCollector.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: DDVDataCollector.exe5
System errors:
=============
Error: (05/23/2019 11:40:23 PM) (Source: DCOM) (EventID: 10016) (User: PRISERKA)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}PRISERKAbublinkaS-1-5-21-242124988-2545093545-445695849-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:29:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Data Vault Collector sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (05/23/2019 11:21:06 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/23/2019 11:17:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:17:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:17:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/23/2019 11:16:38 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (05/13/2019 03:44:23 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Nasledujúca služba sa opakovane zastavila pri reakcii na požiadavky riadenia služieb: Služba platformy připojených zařízení
Informujte sa u dodávateľa služby alebo správcu systému, kde možno túto službu vypnúť, kým sa nezistí problém.
Pred vypnutím služby možno budete musieť reštartovať počítač v bezpečnom režime.
CodeIntegrity:
===================================
Date: 2018-10-27 12:43:22.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-27 12:43:22.387
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.786
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.440
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:43.637
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:09.345
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:07.547
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:16:58.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 72%
Total physical RAM: 3978.2 MB
Available physical RAM: 1099.77 MB
Total Virtual: 6282.2 MB
Available Virtual: 2813.09 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.3 GB) (Free:186.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BD0D5174)
Partition: GPT.
==================== End of Addition.txt ============================
Re: kontrola logu
Logy su vytvorene zastaralou FRST verziou (Version:30-04-2016). Stiahni najnovsiu verziu z https://www.bleepingcomputer.com/downlo ... scan-tool/ a vytvor logy este raz.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: kontrola logu
stahovala som novu, ked som temu zadavala. Preco nacital staru verziu, netusim...ale neva. Tak toto by mal byt z novej.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by bublinka (administrator) on PRISERKA (Dell Inc. Inspiron 11 - 3147) (25-05-2019 21:06:03)
Running from C:\Users\bublinka\Desktop
Loaded Profiles: bublinka (Available Profiles: bublinka)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc. -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Farbar) [File not signed] C:\Users\bublinka\Desktop\FRST64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corporation -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Wistron Corporation -> Dell Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [177928 2019-05-23] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] (Dropbox, Inc -> )
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (Canon Inc. -> CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.4.lnk [2015-07-28]
ShortcutTarget: LibreOffice 4.4.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe (The Document Foundation -> )
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {01EC02E2-C2FA-428D-86BC-9D2ED37C0E19} - System32\Tasks\{99D82FB3-2385-4717-B8F4-9088690B7994} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/sk/go/help.faq.installer?LastError=1603
Task: {05E14797-9C69-4044-9D9F-FD9E85FCB31D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-28] (Adobe Inc. -> Adobe)
Task: {09928EDD-8282-4D2A-8DD3-8FF4A7F31EB4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-23] (Adobe Inc. -> Adobe)
Task: {0A02C7EF-953D-4375-8695-251FA52A6C70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165840 2019-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {1F8E7195-E1DF-4F2F-8CE4-CB57EFDC7422} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2631B695-B48B-4E0C-AECF-4D936E22D671} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.)
Task: {28F8D7DF-EB44-4C61-A20B-AF2BEF0BBF3E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448064 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B8C98EC-1B42-437C-A517-1A31A71F1789} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448064 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BD6E422-FB19-48CD-A568-7E535F85B9E8} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {65B55775-10A6-47EB-97F8-4E8CEC576235} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113088 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {79CA8FC1-01E5-4E56-BF5C-01A81F37C43E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469888 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C145D48-7B72-4F20-BB0F-295358D64475} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165840 2019-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {83A83211-ACB0-4A1D-8987-72CA75E4BFD4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4167224 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {8C9C9D81-3770-4016-865E-B3C8E72EB828} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8DAC8040-1E5E-4D55-B3B0-DFD9D5E21F16} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [30912 2018-03-20] (Rivet Networks LLC -> DELL)
Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {97842C3A-73DD-4B5B-A696-BA06851DAA5C} - System32\Tasks\{3C880F33-978C-47A1-B02C-B2658B44DB11} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/sk/abandoninstall?page=tsProgressBar
Task: {9AF63E86-014A-4341-AEAB-DCB9E7B453D7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113088 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA5E519C-6234-454E-BAB7-E294E91CF45E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242124988-2545093545-445695849-1001 => C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {BA2025F6-AB93-4EA6-8F10-AB3F0CF026B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-07-15] (Google Inc -> Google Inc.)
Task: {BE8BA67A-1CC9-4255-A9B4-72015F5E3967} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2970184 2016-03-30] (AVG Technologies CZ, s.r.o. -> )
Task: {CD7E9DFE-9FC4-47BD-9BAF-EBB480DC6444} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-07-15] (Google Inc -> Google Inc.)
Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E5329163-FEE5-4C81-906A-41B97007DFB5} - System32\Tasks\{16BA0183-5E65-4F34-BF82-DD904AA5727A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.151/sk/abandoninstall?page=tsMain
Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EA415426-12E9-46BA-911C-4CA3B4CD643F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FF9A60C0-46F6-4B0C-A400-4BCB4DC48F0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469888 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd794d0d-69ce-4331-904a-620bfdcb01a5}: [DhcpNameServer] 172.9.1.171
Tcpip\..\Interfaces\{ea9e03d6-90a3-4096-a6fe-177ca5b373b5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default [2019-05-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-23]
CHR Extension: (IE Tab) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-05-20] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc -> Dell Inc.)
S2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-05-13] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2359312 2019-05-23] (ESET, spol. s r.o. -> ESET)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-03-20] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2011848 2018-03-20] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-04-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-04-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-04-02] (ESET, spol. s r.o. -> ESET)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2015-08-13] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R2 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks LLC -> Rivet Networks, LLC.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [22168 2012-07-13] (STMicroelectronics -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (Microsoft Windows Hardware Compatibility Publisher -> STMicroelectronics)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel(R) Software -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 21:05 - 2019-05-25 21:05 - 002435072 _____ (Farbar) C:\Users\bublinka\Downloads\FRST64 (1).exe
2019-05-25 21:05 - 2019-05-25 21:05 - 002435072 _____ (Farbar) C:\Users\bublinka\Desktop\FRST64 (1).exe
2019-05-25 10:12 - 2019-05-25 10:20 - 000000000 ____D C:\ProgramData\McInstTemp0138921558771945
2019-05-24 22:49 - 2019-05-24 22:50 - 007025360 _____ (Malwarebytes) C:\Users\bublinka\Desktop\adwcleaner_7.3.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-24 12:03 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-24 12:03 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-24 12:02 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-24 12:02 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-24 12:02 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-24 12:02 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-24 12:02 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-24 12:02 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-24 12:02 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-24 12:02 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-24 12:02 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-24 12:02 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-24 12:02 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-24 12:02 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-24 12:02 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-24 12:02 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-24 12:02 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-24 12:02 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-24 12:02 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-24 12:02 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-24 12:02 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-24 12:02 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-24 12:02 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-05-24 12:02 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-05-24 12:02 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-05-24 12:02 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-05-24 12:02 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-05-24 12:02 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-05-24 12:02 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-05-24 12:02 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-05-24 12:02 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-05-24 12:02 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-05-24 12:02 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-24 12:02 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-05-24 12:02 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-05-24 12:02 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-05-24 12:01 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-24 12:01 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-24 12:01 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-24 12:01 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-24 12:01 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-24 12:01 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-24 12:01 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-24 12:01 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-24 12:01 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-24 12:01 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-24 12:01 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-24 12:01 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-24 12:01 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-24 12:01 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-24 12:01 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-24 12:01 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-24 12:01 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-24 12:01 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-24 12:01 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-24 12:01 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-24 12:01 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-24 12:01 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-24 12:01 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-24 12:01 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-24 12:01 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-24 12:01 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-24 12:01 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-24 12:01 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-24 12:01 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-05-24 12:01 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-05-24 12:01 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-05-24 12:01 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-05-24 12:01 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-05-24 12:01 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-05-24 12:01 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-05-24 12:01 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-05-24 12:01 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-05-24 12:01 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-05-24 12:01 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-05-24 12:01 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-05-24 12:01 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-05-24 12:01 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-05-24 12:01 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-05-24 12:01 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-05-24 12:01 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-05-24 12:01 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-05-24 12:01 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-05-24 12:01 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-05-24 12:01 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-05-24 12:01 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-05-24 12:01 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-05-24 12:01 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-05-24 12:01 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-05-24 12:01 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-05-24 12:01 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-05-24 12:01 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-05-24 12:00 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-24 12:00 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-24 12:00 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-24 12:00 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-24 12:00 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-24 12:00 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-24 12:00 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-24 12:00 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-24 12:00 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-24 12:00 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-24 12:00 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-24 12:00 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-24 12:00 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-24 12:00 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-24 12:00 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-24 12:00 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-24 12:00 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-05-24 12:00 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-05-24 12:00 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-05-24 12:00 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-05-24 12:00 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-05-24 12:00 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-05-24 12:00 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-05-24 12:00 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-24 12:00 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-05-24 12:00 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:00 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-24 12:00 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-05-23 23:43 - 2019-05-23 23:50 - 000049587 _____ C:\Users\bublinka\Desktop\Addition.txt
2019-05-23 23:37 - 2019-05-25 21:09 - 000026208 _____ C:\Users\bublinka\Desktop\FRST.txt
2019-05-23 23:22 - 2019-05-23 23:22 - 000000000 _____ C:\WINDOWS\invcol.tmp
2019-05-23 23:09 - 2019-05-23 23:10 - 000038560 _____ C:\Users\bublinka\Documents\cc_20190523_230954.reg
2019-05-23 22:11 - 2019-05-23 22:11 - 000002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 22:11 - 2019-05-23 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 21:52 - 2019-05-23 22:07 - 000033134 _____ C:\Users\bublinka\Downloads\Addition.txt
2019-05-23 21:38 - 2019-05-23 22:17 - 000036480 _____ C:\Users\bublinka\Downloads\FRST.txt
2019-05-23 21:36 - 2019-05-23 21:36 - 002435072 _____ (Farbar) C:\Users\bublinka\Downloads\FRST64.exe
2019-05-23 20:32 - 2019-05-23 20:36 - 000000000 ____D C:\Users\bublinka\Downloads\Lucinka
2019-05-23 20:23 - 2019-05-23 20:23 - 000020978 _____ C:\Users\bublinka\Downloads\[CzT]Lucinka_Pusinka_Logopedia_2015_SK_1080pHD_ (2).torrent
2019-05-23 18:55 - 2019-05-23 18:56 - 021116984 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 21:10 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-25 21:06 - 2016-05-01 11:43 - 000000000 ____D C:\FRST
2019-05-25 12:25 - 2018-06-04 18:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-25 10:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-05-25 10:23 - 2015-08-27 00:32 - 000000000 __SHD C:\Users\bublinka\IntelGraphicsProfiles
2019-05-25 10:20 - 2018-10-30 07:24 - 000000000 ____D C:\Program Files\McAfee
2019-05-25 10:20 - 2018-06-04 19:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-25 10:20 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-05-25 10:20 - 2014-11-01 19:43 - 000000000 ____D C:\ProgramData\McAfee
2019-05-25 10:19 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-25 09:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-24 23:17 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-24 23:06 - 2018-06-04 18:54 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-24 23:06 - 2018-04-12 17:50 - 000705940 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-24 23:06 - 2018-04-12 17:50 - 000144404 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-24 23:06 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-24 22:59 - 2018-06-04 18:31 - 000485200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-24 22:52 - 2016-05-01 05:30 - 000000000 ____D C:\AdwCleaner
2019-05-24 13:35 - 2017-10-09 19:32 - 000000000 ____D C:\Users\bublinka\AppData\Local\ElevatedDiagnostics
2019-05-24 13:08 - 2015-07-15 11:35 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-24 13:08 - 2015-07-15 11:35 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-24 12:51 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-24 12:45 - 2018-07-19 12:01 - 000000000 ____D C:\Users\bublinka\AppData\Roaming\vlc
2019-05-24 11:39 - 2018-07-18 21:37 - 000001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-05-24 00:21 - 2015-07-22 09:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-24 00:09 - 2015-07-22 09:20 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-23 23:24 - 2018-11-17 20:06 - 000000000 ____D C:\Program Files\rempl
2019-05-23 23:17 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-05-23 23:13 - 2018-06-04 18:40 - 000000000 ____D C:\Users\bublinka
2019-05-23 23:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-23 23:03 - 2016-05-03 16:41 - 000000000 ____D C:\Users\bublinka\AppData\Roaming\uTorrent
2019-05-23 22:37 - 2014-11-01 19:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-23 22:24 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-23 20:59 - 2017-12-18 04:43 - 000000000 ____D C:\Users\bublinka\AppData\Local\Packages
2019-05-23 20:20 - 2016-04-14 15:09 - 000015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-05-23 19:00 - 2014-11-01 19:41 - 000000000 ____D C:\ProgramData\PCDr
2019-05-23 18:59 - 2018-06-04 19:11 - 000003456 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-23 18:59 - 2018-06-04 19:11 - 000003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-23 18:56 - 2018-06-04 19:11 - 000004610 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-23 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-23 18:55 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 15:24 - 2014-11-01 19:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-05-13 15:19 - 2017-07-10 15:06 - 000000000 ____D C:\ProgramData\SupportAssist
2019-05-04 01:53 - 2019-02-17 10:00 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2019-02-17 10:00 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-28 00:12 - 2018-06-04 19:11 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by bublinka (25-05-2019 21:11:15)
Running from C:\Users\bublinka\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-06-04 17:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-242124988-2545093545-445695849-500 - Administrator - Disabled)
bublinka (S-1-5-21-242124988-2545093545-445695849-1001 - Administrator - Enabled) => C:\Users\bublinka
DefaultAccount (S-1-5-21-242124988-2545093545-445695849-503 - Limited - Disabled)
Guest (S-1-5-21-242124988-2545093545-445695849-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-242124988-2545093545-445695849-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-242124988-2545093545-445695849-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0006 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Project Professional 2016 - sk-sk (HKLM\...\ProjectProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - sk-sk (HKLM\...\VisioProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Meno vašej spoločnosti)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Packages:
=========
9 zip -> C:\Program Files\WindowsApps\184MagikHub.9zip_3.1.58.0_x64__hvr7qkvwfhvx6 [2019-02-22] (Magik Hub)
Adobe Revel -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeRevel_1.5.101.6_x64__ynb6jyjzte8ga [2015-07-22] (Adobe Systems Incorporated)
Asistent pre telefón Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1510.1.0_x86__kgqvnymyfvs32 [2019-05-24] (king.com)
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.4.0_x64__htrsf667h5kn2 [2019-05-13] (Dell Inc)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-04-02] (Facebook Inc)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard)
McAfee® Central for Dell -> C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_5.0.167.1_x64__n49tcsmxt2t2c [2018-03-27] (McAfee Inc)
Microsoft Telefón -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-05-23] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2014-06-04] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2014-06-04] (SoftThinks -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-05-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-05-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-05-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\bublinka\Documents\ROBOTA - disk\HARTLOVÁ\Nagyová plocha\plocha\Passport mostov.lnk -> C:\Users\nagyova.slavka\Documents\passport.bat (No File)
==================== Loaded Modules (Whitelisted) ==============
2018-07-01 23:05 - 2012-08-31 10:30 - 000313344 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_SKY.DLL
2016-01-30 20:05 - 2012-07-31 09:48 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2016-04-29 20:33 - 2016-05-01 11:43 - 002377216 _____ (Farbar) [File not signed] C:\Users\bublinka\Desktop\FRST64.exe
2018-03-20 13:25 - 2018-03-20 13:25 - 000099840 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2016-09-14 18:44 - 2016-09-14 18:44 - 001430016 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Rivet Networks\SmartByte\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2016-11-08 14:41 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\StartupFolder: => "LibreOffice 4.4.lnk"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4F2C7FE1-3B3D-4BDF-AB39-DF5189F08DF0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{27B83E37-FF87-4062-8121-D9451252609C}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1A14C6EA-E98A-4328-8027-8427B35CF961}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{36C9F198-EA04-41CA-B685-F0AEFDDCA9F7}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FB28A465-F4FE-4C8B-B20D-6F18725EBBE9}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8372DFC7-4547-42E3-BF8B-801B275DE631}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9FBFECBD-CD65-43DF-9EBA-0B00566CD932}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6DD7A78-2FB1-4BFD-9213-4AF4057D920D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D74BFF13-6A6E-458E-A51B-7890A8F20994}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{24B4AAEE-81F7-4DE5-B113-BBCFDC843B58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{717D9DB2-8175-4DD9-B822-060ECF582DBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38C74F7E-8F7B-47C3-9A90-49BB21A2CC8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0E4F2A6-AE04-42F7-9719-97B54389B3C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
23-05-2019 22:25:04 Removed Skype™ 7.36
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/25/2019 10:32:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0xdd0
Čas spustenia chybujúcej aplikácie: 0x01d512d3a8268287
Cesta chybujúcej aplikácie: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Cesta chybujúceho modulu: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Identifikácia hlásenia: 9c56f536-6a4b-40aa-9347-884ebc47e53a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 11:14:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x24c4
Čas spustenia chybujúcej aplikácie: 0x01d51274c4c8b2b7
Cesta chybujúcej aplikácie: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Cesta chybujúceho modulu: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Identifikácia hlásenia: b24d78c3-6ac7-45bf-b535-945e09b9d5da
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 10:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe, verzia: 10.0.17134.556, časová značka: 0xf23cada5
Názov chybujúceho modulu: PhoneDataSync.dll_unloaded, verzia: 10.0.17134.1, časová značka: 0xa73f20d7
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000032adf
Identifikácia chybujúceho procesu: 0x1f90
Čas spustenia chybujúcej aplikácie: 0x01d511fb96ae923f
Cesta chybujúcej aplikácie: c:\windows\system32\svchost.exe
Cesta chybujúceho modulu: PhoneDataSync.dll
Identifikácia hlásenia: 07b1a4a4-5a62-49b1-b3a9-784edace0fdf
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 03:52:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2019.19031.17720.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2c60
Start Time: 01d5122aaad6a03d
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Report Id: 88ff1726-5d9c-4dae-93c5-1c30ea95a2dc
Faulting package full name: Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (05/24/2019 02:10:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2019.19031.17720.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2994
Start Time: 01d5122489c42b5f
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Report Id: 7f9ae114-8879-443d-8688-3e97c56deaed
Faulting package full name: Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (05/24/2019 09:02:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x2b70
Čas spustenia chybujúcej aplikácie: 0x01d511fdca91f527
Cesta chybujúcej aplikácie: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Cesta chybujúceho modulu: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Identifikácia hlásenia: 7cc244b1-09af-49e4-beb4-373459859ed0
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 12:27:38 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/23/2019 11:32:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (05/25/2019 09:03:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 09:03:12 PM) (Source: DCOM) (EventID: 10016) (User: PRISERKA)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user PRISERKA\bublinka SID (S-1-5-21-242124988-2545093545-445695849-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 10:37:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 10:36:44 AM) (Source: DCOM) (EventID: 10016) (User: PRISERKA)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user PRISERKA\bublinka SID (S-1-5-21-242124988-2545093545-445695849-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 10:32:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Data Vault Collector sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (05/25/2019 10:26:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
Error: (05/25/2019 10:23:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell Hardware Support zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (05/25/2019 10:23:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Dell Hardware Support bol dosiahnutý časový limit (60000 ms).
CodeIntegrity:
===================================
Date: 2018-10-27 12:43:22.591
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-27 12:43:22.387
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.717
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.440
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.379
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:43.637
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:09.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A10 04/22/2016
Motherboard: Dell Inc. Type2 - Board Product Name1
Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 86%
Total physical RAM: 3978.2 MB
Available physical RAM: 521.13 MB
Total Virtual: 6282.2 MB
Available Virtual: 1759.7 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.3 GB) (Free:182.49 GB) NTFS
\\?\Volume{beb03a34-657d-4c5c-a037-3bb957838fe8}\ (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.3 GB) NTFS
\\?\Volume{4ce03397-df49-48ea-a51f-200d859cd87c}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{b2051262-3bcd-4ac1-b163-ff7fb3e88120}\ (PBR Image) (Fixed) (Total:7.25 GB) (Free:0.73 GB) NTFS
\\?\Volume{bed2cd9e-d1af-443c-8eb1-a1228670659b}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BD0D5174)
Partition: GPT.
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by bublinka (administrator) on PRISERKA (Dell Inc. Inspiron 11 - 3147) (25-05-2019 21:06:03)
Running from C:\Users\bublinka\Desktop
Loaded Profiles: bublinka (Available Profiles: bublinka)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc. -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Farbar) [File not signed] C:\Users\bublinka\Desktop\FRST64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corporation -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Wistron Corporation -> Dell Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [177928 2019-05-23] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] (Dropbox, Inc -> )
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (Canon Inc. -> CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.4.lnk [2015-07-28]
ShortcutTarget: LibreOffice 4.4.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe (The Document Foundation -> )
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {01EC02E2-C2FA-428D-86BC-9D2ED37C0E19} - System32\Tasks\{99D82FB3-2385-4717-B8F4-9088690B7994} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/sk/go/help.faq.installer?LastError=1603
Task: {05E14797-9C69-4044-9D9F-FD9E85FCB31D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-28] (Adobe Inc. -> Adobe)
Task: {09928EDD-8282-4D2A-8DD3-8FF4A7F31EB4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-23] (Adobe Inc. -> Adobe)
Task: {0A02C7EF-953D-4375-8695-251FA52A6C70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165840 2019-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {1F8E7195-E1DF-4F2F-8CE4-CB57EFDC7422} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2631B695-B48B-4E0C-AECF-4D936E22D671} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.)
Task: {28F8D7DF-EB44-4C61-A20B-AF2BEF0BBF3E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448064 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B8C98EC-1B42-437C-A517-1A31A71F1789} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448064 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BD6E422-FB19-48CD-A568-7E535F85B9E8} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {65B55775-10A6-47EB-97F8-4E8CEC576235} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113088 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {79CA8FC1-01E5-4E56-BF5C-01A81F37C43E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469888 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C145D48-7B72-4F20-BB0F-295358D64475} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165840 2019-05-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {83A83211-ACB0-4A1D-8987-72CA75E4BFD4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4167224 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {8C9C9D81-3770-4016-865E-B3C8E72EB828} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8DAC8040-1E5E-4D55-B3B0-DFD9D5E21F16} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [30912 2018-03-20] (Rivet Networks LLC -> DELL)
Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {97842C3A-73DD-4B5B-A696-BA06851DAA5C} - System32\Tasks\{3C880F33-978C-47A1-B02C-B2658B44DB11} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.104/sk/abandoninstall?page=tsProgressBar
Task: {9AF63E86-014A-4341-AEAB-DCB9E7B453D7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113088 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA5E519C-6234-454E-BAB7-E294E91CF45E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242124988-2545093545-445695849-1001 => C:\Users\bublinka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {BA2025F6-AB93-4EA6-8F10-AB3F0CF026B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-07-15] (Google Inc -> Google Inc.)
Task: {BE8BA67A-1CC9-4255-A9B4-72015F5E3967} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc)
Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2970184 2016-03-30] (AVG Technologies CZ, s.r.o. -> )
Task: {CD7E9DFE-9FC4-47BD-9BAF-EBB480DC6444} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-07-15] (Google Inc -> Google Inc.)
Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E5329163-FEE5-4C81-906A-41B97007DFB5} - System32\Tasks\{16BA0183-5E65-4F34-BF82-DD904AA5727A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.40.0.151/sk/abandoninstall?page=tsMain
Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EA415426-12E9-46BA-911C-4CA3B4CD643F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FF9A60C0-46F6-4B0C-A400-4BCB4DC48F0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4469888 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd794d0d-69ce-4331-904a-620bfdcb01a5}: [DhcpNameServer] 172.9.1.171
Tcpip\..\Interfaces\{ea9e03d6-90a3-4096-a6fe-177ca5b373b5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{eca5f92e-6ae5-4ac4-b98c-637f2c554e0b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default [2019-05-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-23]
CHR Extension: (IE Tab) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\bublinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-05-20] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc -> Dell Inc.)
S2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-05-13] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2359312 2019-05-23] (ESET, spol. s r.o. -> ESET)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-03-20] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2011848 2018-03-20] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-04-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-04-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-04-02] (ESET, spol. s r.o. -> ESET)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2015-08-13] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R2 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks LLC -> Rivet Networks, LLC.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [22168 2012-07-13] (STMicroelectronics -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (Microsoft Windows Hardware Compatibility Publisher -> STMicroelectronics)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel(R) Software -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 21:05 - 2019-05-25 21:05 - 002435072 _____ (Farbar) C:\Users\bublinka\Downloads\FRST64 (1).exe
2019-05-25 21:05 - 2019-05-25 21:05 - 002435072 _____ (Farbar) C:\Users\bublinka\Desktop\FRST64 (1).exe
2019-05-25 10:12 - 2019-05-25 10:20 - 000000000 ____D C:\ProgramData\McInstTemp0138921558771945
2019-05-24 22:49 - 2019-05-24 22:50 - 007025360 _____ (Malwarebytes) C:\Users\bublinka\Desktop\adwcleaner_7.3.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-24 12:03 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-24 12:03 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-24 12:03 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-24 12:03 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-24 12:03 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-24 12:02 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-24 12:02 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-24 12:02 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-24 12:02 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-24 12:02 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-24 12:02 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-24 12:02 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-24 12:02 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-24 12:02 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-24 12:02 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-24 12:02 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-24 12:02 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-24 12:02 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-24 12:02 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-24 12:02 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-24 12:02 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-24 12:02 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-24 12:02 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-24 12:02 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-24 12:02 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-24 12:02 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-24 12:02 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-24 12:02 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-24 12:02 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-24 12:02 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-24 12:02 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-24 12:02 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-24 12:02 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-24 12:02 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-24 12:02 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-24 12:02 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-24 12:02 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-24 12:02 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-24 12:02 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-24 12:02 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-24 12:02 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-05-24 12:02 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-05-24 12:02 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-05-24 12:02 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-05-24 12:02 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-05-24 12:02 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-05-24 12:02 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-05-24 12:02 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-05-24 12:02 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-05-24 12:02 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-05-24 12:02 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-05-24 12:02 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-24 12:02 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-24 12:02 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-05-24 12:02 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-05-24 12:02 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-05-24 12:02 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-05-24 12:02 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-05-24 12:02 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-05-24 12:01 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-24 12:01 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-24 12:01 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-24 12:01 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-24 12:01 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-24 12:01 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-24 12:01 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-24 12:01 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-24 12:01 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-24 12:01 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-24 12:01 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-24 12:01 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-24 12:01 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-24 12:01 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-24 12:01 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-24 12:01 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-24 12:01 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-24 12:01 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-24 12:01 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-24 12:01 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-24 12:01 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-24 12:01 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-24 12:01 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-24 12:01 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-24 12:01 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-24 12:01 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-24 12:01 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-24 12:01 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-24 12:01 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-24 12:01 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-24 12:01 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-24 12:01 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-24 12:01 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-24 12:01 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-24 12:01 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-24 12:01 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-24 12:01 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-24 12:01 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-24 12:01 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-24 12:01 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-24 12:01 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-24 12:01 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-24 12:01 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-24 12:01 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-24 12:01 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-24 12:01 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-24 12:01 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-24 12:01 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-24 12:01 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-24 12:01 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-24 12:01 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-24 12:01 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-05-24 12:01 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-05-24 12:01 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-05-24 12:01 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-05-24 12:01 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-05-24 12:01 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-05-24 12:01 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-05-24 12:01 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-05-24 12:01 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-05-24 12:01 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-05-24 12:01 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-05-24 12:01 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-05-24 12:01 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-05-24 12:01 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-05-24 12:01 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-05-24 12:01 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-05-24 12:01 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-05-24 12:01 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-05-24 12:01 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-05-24 12:01 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-05-24 12:01 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-05-24 12:01 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-05-24 12:01 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-05-24 12:01 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-05-24 12:01 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-05-24 12:01 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-05-24 12:01 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-05-24 12:01 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-05-24 12:01 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-05-24 12:01 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-05-24 12:01 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-05-24 12:01 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-05-24 12:01 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-05-24 12:01 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-05-24 12:01 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-05-24 12:01 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-05-24 12:01 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-05-24 12:01 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-05-24 12:01 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-05-24 12:01 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-05-24 12:01 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-05-24 12:01 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-05-24 12:00 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-24 12:00 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-24 12:00 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-24 12:00 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-24 12:00 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-24 12:00 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-24 12:00 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-24 12:00 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-24 12:00 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-24 12:00 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-24 12:00 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-24 12:00 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-24 12:00 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-24 12:00 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-24 12:00 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-24 12:00 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-24 12:00 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-24 12:00 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-24 12:00 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-24 12:00 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-24 12:00 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-24 12:00 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-24 12:00 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-24 12:00 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-24 12:00 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-24 12:00 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-05-24 12:00 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-05-24 12:00 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-05-24 12:00 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-05-24 12:00 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-05-24 12:00 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-05-24 12:00 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-05-24 12:00 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-24 12:00 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-05-24 12:00 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-05-24 12:00 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-05-24 12:00 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-24 12:00 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-24 12:00 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-05-24 12:00 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-05-23 23:43 - 2019-05-23 23:50 - 000049587 _____ C:\Users\bublinka\Desktop\Addition.txt
2019-05-23 23:37 - 2019-05-25 21:09 - 000026208 _____ C:\Users\bublinka\Desktop\FRST.txt
2019-05-23 23:22 - 2019-05-23 23:22 - 000000000 _____ C:\WINDOWS\invcol.tmp
2019-05-23 23:09 - 2019-05-23 23:10 - 000038560 _____ C:\Users\bublinka\Documents\cc_20190523_230954.reg
2019-05-23 22:11 - 2019-05-23 22:11 - 000002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-23 22:11 - 2019-05-23 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 22:11 - 2019-05-23 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-23 21:52 - 2019-05-23 22:07 - 000033134 _____ C:\Users\bublinka\Downloads\Addition.txt
2019-05-23 21:38 - 2019-05-23 22:17 - 000036480 _____ C:\Users\bublinka\Downloads\FRST.txt
2019-05-23 21:36 - 2019-05-23 21:36 - 002435072 _____ (Farbar) C:\Users\bublinka\Downloads\FRST64.exe
2019-05-23 20:32 - 2019-05-23 20:36 - 000000000 ____D C:\Users\bublinka\Downloads\Lucinka
2019-05-23 20:23 - 2019-05-23 20:23 - 000020978 _____ C:\Users\bublinka\Downloads\[CzT]Lucinka_Pusinka_Logopedia_2015_SK_1080pHD_ (2).torrent
2019-05-23 18:55 - 2019-05-23 18:56 - 021116984 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-25 21:10 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-25 21:06 - 2016-05-01 11:43 - 000000000 ____D C:\FRST
2019-05-25 12:25 - 2018-06-04 18:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-25 10:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-05-25 10:23 - 2015-08-27 00:32 - 000000000 __SHD C:\Users\bublinka\IntelGraphicsProfiles
2019-05-25 10:20 - 2018-10-30 07:24 - 000000000 ____D C:\Program Files\McAfee
2019-05-25 10:20 - 2018-06-04 19:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-25 10:20 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-05-25 10:20 - 2014-11-01 19:43 - 000000000 ____D C:\ProgramData\McAfee
2019-05-25 10:19 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-25 09:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-24 23:17 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-24 23:06 - 2018-06-04 18:54 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-24 23:06 - 2018-04-12 17:50 - 000705940 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-24 23:06 - 2018-04-12 17:50 - 000144404 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-24 23:06 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-24 22:59 - 2018-06-04 18:31 - 000485200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-24 22:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-24 22:52 - 2016-05-01 05:30 - 000000000 ____D C:\AdwCleaner
2019-05-24 13:35 - 2017-10-09 19:32 - 000000000 ____D C:\Users\bublinka\AppData\Local\ElevatedDiagnostics
2019-05-24 13:08 - 2015-07-15 11:35 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-24 13:08 - 2015-07-15 11:35 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-24 12:51 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-24 12:45 - 2018-07-19 12:01 - 000000000 ____D C:\Users\bublinka\AppData\Roaming\vlc
2019-05-24 11:39 - 2018-07-18 21:37 - 000001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-05-24 00:21 - 2015-07-22 09:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-24 00:09 - 2015-07-22 09:20 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-23 23:24 - 2018-11-17 20:06 - 000000000 ____D C:\Program Files\rempl
2019-05-23 23:17 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-05-23 23:13 - 2018-06-04 18:40 - 000000000 ____D C:\Users\bublinka
2019-05-23 23:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-23 23:03 - 2016-05-03 16:41 - 000000000 ____D C:\Users\bublinka\AppData\Roaming\uTorrent
2019-05-23 22:37 - 2014-11-01 19:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-23 22:24 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-23 20:59 - 2017-12-18 04:43 - 000000000 ____D C:\Users\bublinka\AppData\Local\Packages
2019-05-23 20:20 - 2016-04-14 15:09 - 000015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-05-23 19:00 - 2014-11-01 19:41 - 000000000 ____D C:\ProgramData\PCDr
2019-05-23 18:59 - 2018-06-04 19:11 - 000003456 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-23 18:59 - 2018-06-04 19:11 - 000003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-23 18:56 - 2018-06-04 19:11 - 000004610 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-23 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-23 18:55 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 15:24 - 2014-11-01 19:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-05-13 15:19 - 2017-07-10 15:06 - 000000000 ____D C:\ProgramData\SupportAssist
2019-05-04 01:53 - 2019-02-17 10:00 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2019-02-17 10:00 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-28 00:12 - 2018-06-04 19:11 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by bublinka (25-05-2019 21:11:15)
Running from C:\Users\bublinka\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-06-04 17:12:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-242124988-2545093545-445695849-500 - Administrator - Disabled)
bublinka (S-1-5-21-242124988-2545093545-445695849-1001 - Administrator - Enabled) => C:\Users\bublinka
DefaultAccount (S-1-5-21-242124988-2545093545-445695849-503 - Limited - Disabled)
Guest (S-1-5-21-242124988-2545093545-445695849-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-242124988-2545093545-445695849-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-242124988-2545093545-445695849-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0006 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Project Professional 2016 - sk-sk (HKLM\...\ProjectProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visio Professional 2016 - sk-sk (HKLM\...\VisioProRetail - sk-sk) (Version: 16.0.11629.20164 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11629.20164 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Meno vašej spoločnosti)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Packages:
=========
9 zip -> C:\Program Files\WindowsApps\184MagikHub.9zip_3.1.58.0_x64__hvr7qkvwfhvx6 [2019-02-22] (Magik Hub)
Adobe Revel -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeRevel_1.5.101.6_x64__ynb6jyjzte8ga [2015-07-22] (Adobe Systems Incorporated)
Asistent pre telefón Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1510.1.0_x86__kgqvnymyfvs32 [2019-05-24] (king.com)
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.4.0_x64__htrsf667h5kn2 [2019-05-13] (Dell Inc)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-04-02] (Facebook Inc)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard)
McAfee® Central for Dell -> C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_5.0.167.1_x64__n49tcsmxt2t2c [2018-03-27] (McAfee Inc)
Microsoft Telefón -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-05-23] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-242124988-2545093545-445695849-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2014-06-04] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2014-06-04] (SoftThinks -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-05-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-05-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-05-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\bublinka\Documents\ROBOTA - disk\HARTLOVÁ\Nagyová plocha\plocha\Passport mostov.lnk -> C:\Users\nagyova.slavka\Documents\passport.bat (No File)
==================== Loaded Modules (Whitelisted) ==============
2018-07-01 23:05 - 2012-08-31 10:30 - 000313344 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_SKY.DLL
2016-01-30 20:05 - 2012-07-31 09:48 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2016-04-29 20:33 - 2016-05-01 11:43 - 002377216 _____ (Farbar) [File not signed] C:\Users\bublinka\Desktop\FRST64.exe
2018-03-20 13:25 - 2018-03-20 13:25 - 000099840 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2016-09-14 18:44 - 2016-09-14 18:44 - 001430016 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Rivet Networks\SmartByte\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2016-11-08 14:41 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bublinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\StartupFolder: => "LibreOffice 4.4.lnk"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-242124988-2545093545-445695849-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4F2C7FE1-3B3D-4BDF-AB39-DF5189F08DF0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{27B83E37-FF87-4062-8121-D9451252609C}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1A14C6EA-E98A-4328-8027-8427B35CF961}C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{36C9F198-EA04-41CA-B685-F0AEFDDCA9F7}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FB28A465-F4FE-4C8B-B20D-6F18725EBBE9}] => (Block) C:\users\bublinka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8372DFC7-4547-42E3-BF8B-801B275DE631}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9FBFECBD-CD65-43DF-9EBA-0B00566CD932}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6DD7A78-2FB1-4BFD-9213-4AF4057D920D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D74BFF13-6A6E-458E-A51B-7890A8F20994}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{24B4AAEE-81F7-4DE5-B113-BBCFDC843B58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{717D9DB2-8175-4DD9-B822-060ECF582DBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38C74F7E-8F7B-47C3-9A90-49BB21A2CC8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0E4F2A6-AE04-42F7-9719-97B54389B3C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
23-05-2019 22:25:04 Removed Skype™ 7.36
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/25/2019 10:32:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0xdd0
Čas spustenia chybujúcej aplikácie: 0x01d512d3a8268287
Cesta chybujúcej aplikácie: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Cesta chybujúceho modulu: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Identifikácia hlásenia: 9c56f536-6a4b-40aa-9347-884ebc47e53a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 11:14:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x24c4
Čas spustenia chybujúcej aplikácie: 0x01d51274c4c8b2b7
Cesta chybujúcej aplikácie: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Cesta chybujúceho modulu: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Identifikácia hlásenia: b24d78c3-6ac7-45bf-b535-945e09b9d5da
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 10:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe, verzia: 10.0.17134.556, časová značka: 0xf23cada5
Názov chybujúceho modulu: PhoneDataSync.dll_unloaded, verzia: 10.0.17134.1, časová značka: 0xa73f20d7
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000032adf
Identifikácia chybujúceho procesu: 0x1f90
Čas spustenia chybujúcej aplikácie: 0x01d511fb96ae923f
Cesta chybujúcej aplikácie: c:\windows\system32\svchost.exe
Cesta chybujúceho modulu: PhoneDataSync.dll
Identifikácia hlásenia: 07b1a4a4-5a62-49b1-b3a9-784edace0fdf
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 03:52:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2019.19031.17720.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2c60
Start Time: 01d5122aaad6a03d
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Report Id: 88ff1726-5d9c-4dae-93c5-1c30ea95a2dc
Faulting package full name: Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (05/24/2019 02:10:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2019.19031.17720.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2994
Start Time: 01d5122489c42b5f
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Report Id: 7f9ae114-8879-443d-8688-3e97c56deaed
Faulting package full name: Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (05/24/2019 09:02:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Názov chybujúceho modulu: DDVDataCollector.exe, verzia: 5.2.8.103, časová značka: 0x5c781a2a
Kód výnimky: 0xc0000409
Odstup chyby: 0x00000000001cfb1b
Identifikácia chybujúceho procesu: 0x2b70
Čas spustenia chybujúcej aplikácie: 0x01d511fdca91f527
Cesta chybujúcej aplikácie: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Cesta chybujúceho modulu: C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
Identifikácia hlásenia: 7cc244b1-09af-49e4-beb4-373459859ed0
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (05/24/2019 12:27:38 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/23/2019 11:32:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (05/25/2019 09:03:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 09:03:12 PM) (Source: DCOM) (EventID: 10016) (User: PRISERKA)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user PRISERKA\bublinka SID (S-1-5-21-242124988-2545093545-445695849-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 10:37:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 10:36:44 AM) (Source: DCOM) (EventID: 10016) (User: PRISERKA)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user PRISERKA\bublinka SID (S-1-5-21-242124988-2545093545-445695849-1001) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.
Error: (05/25/2019 10:32:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Data Vault Collector sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (05/25/2019 10:26:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
Error: (05/25/2019 10:23:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell Hardware Support zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (05/25/2019 10:23:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Dell Hardware Support bol dosiahnutý časový limit (60000 ms).
CodeIntegrity:
===================================
Date: 2018-10-27 12:43:22.591
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-27 12:43:22.387
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-26 15:58:30.717
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.440
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-25 10:20:14.379
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:43.637
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-10-24 21:17:09.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A10 04/22/2016
Motherboard: Dell Inc. Type2 - Board Product Name1
Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 86%
Total physical RAM: 3978.2 MB
Available physical RAM: 521.13 MB
Total Virtual: 6282.2 MB
Available Virtual: 1759.7 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.3 GB) (Free:182.49 GB) NTFS
\\?\Volume{beb03a34-657d-4c5c-a037-3bb957838fe8}\ (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.3 GB) NTFS
\\?\Volume{4ce03397-df49-48ea-a51f-200d859cd87c}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{b2051262-3bcd-4ac1-b163-ff7fb3e88120}\ (PBR Image) (Fixed) (Total:7.25 GB) (Free:0.73 GB) NTFS
\\?\Volume{bed2cd9e-d1af-443c-8eb1-a1228670659b}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BD0D5174)
Partition: GPT.
==================== End of Addition.txt ============================
Re: kontrola logu
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe" Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2970184 2016-03-30] (AVG Technologies CZ, s.r.o. -> ) Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL = BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X] 2019-05-25 10:12 - 2019-05-25 10:20 - 000000000 ____D C:\ProgramData\McInstTemp0138921558771945 2019-05-23 23:22 - 2019-05-23 23:22 - 000000000 _____ C:\WINDOWS\invcol.tmp 2019-05-25 10:20 - 2018-10-30 07:24 - 000000000 ____D C:\Program Files\McAfee 2019-05-25 10:20 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files\Common Files\McAfee 2019-05-25 10:20 - 2014-11-01 19:43 - 000000000 ____D C:\ProgramData\McAfee 2019-05-23 23:17 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files (x86)\McAfee ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File C:\Program Files\McAfee Security Scan C:\Program Files\TrueKey Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: kontrola logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-05.2019
Ran by bublinka (26-05-2019 13:39:49) Run:1
Running from C:\Users\bublinka\Desktop
Loaded Profiles: bublinka (Available Profiles: bublinka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2970184 2016-03-30] (AVG Technologies CZ, s.r.o. -> )
Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL =
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X]
2019-05-25 10:12 - 2019-05-25 10:20 - 000000000 ____D C:\ProgramData\McInstTemp0138921558771945
2019-05-23 23:22 - 2019-05-23 23:22 - 000000000 _____ C:\WINDOWS\invcol.tmp
2019-05-25 10:20 - 2018-10-30 07:24 - 000000000 ____D C:\Program Files\McAfee
2019-05-25 10:20 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-05-25 10:20 - 2014-11-01 19:43 - 000000000 ____D C:\ProgramData\McAfee
2019-05-23 23:17 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files (x86)\McAfee
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
C:\Program Files\McAfee Security Scan
C:\Program Files\TrueKey
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 4450
Average :
Sum : 7698843020
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{01B66E1D-A38C-4E34-AD5B-CEA2B97F3723}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01B66E1D-A38C-4E34-AD5B-CEA2B97F3723}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A6B572B-305A-4E8E-89DC-2AB68F501B7B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A6B572B-305A-4E8E-89DC-2AB68F501B7B}" => removed successfully
C:\WINDOWS\System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A5C32C1C-4276-496E-814E-C24EC7884B4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{457E0773-263C-44AF-A601-CE88231F03F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{457E0773-263C-44AF-A601-CE88231F03F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{71560483-D9E9-4D02-970C-ECDEE5A80C3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71560483-D9E9-4D02-970C-ECDEE5A80C3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B90F132-1039-441B-99DD-264EC9EC84FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B90F132-1039-441B-99DD-264EC9EC84FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D885CF2-5168-4B9A-B79C-32CE5CBCD635}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D885CF2-5168-4B9A-B79C-32CE5CBCD635}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CB4602D-5E79-403F-8CC7-5100DFCDFD56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB4602D-5E79-403F-8CC7-5100DFCDFD56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F42DD19-D14E-4E1A-BF26-510AE17376EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F42DD19-D14E-4E1A-BF26-510AE17376EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0A89418-25E8-447B-8E2C-570F6E829059}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0A89418-25E8-447B-8E2C-570F6E829059}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F}" => removed successfully
C:\WINDOWS\System32\Tasks\0216scUpdateInfo => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0216scUpdateInfo" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2EFEDAF-61D5-4C52-9E5A-619AA51D9888}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2EFEDAF-61D5-4C52-9E5A-619AA51D9888}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5B3B2C7-8AF0-4D0D-A355-5216778C98D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5B3B2C7-8AF0-4D0D-A355-5216778C98D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-242124988-2545093545-445695849-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8E786F18-A6D8-419F-B12D-3ECF7830B782} => removed successfully
HKLM\Software\Classes\CLSID\{8E786F18-A6D8-419F-B12D-3ECF7830B782} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\System\CurrentControlSet\Services\PCDSRVC{B13A77D3-1EFB46EC-06020300}_0 => removed successfully
PCDSRVC{B13A77D3-1EFB46EC-06020300}_0 => service removed successfully
C:\ProgramData\McInstTemp0138921558771945 => moved successfully
C:\WINDOWS\invcol.tmp => moved successfully
C:\Program Files\McAfee => moved successfully
C:\Program Files\Common Files\McAfee => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"C:\Program Files\McAfee Security Scan" => not found
"C:\Program Files\TrueKey" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 233937465 B
Java, Flash, Steam htmlcache => 570 B
Windows/system/drivers => 44462872 B
Edge => 28668 B
Chrome => 364279350 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 9296659 B
systemprofile32 => 0 B
LocalService => 3610 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
bublinka => 55850499 B
RecycleBin => 0 B
EmptyTemp: => 684.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:47:03 ====
Ran by bublinka (26-05-2019 13:39:49) Run:1
Running from C:\Users\bublinka\Desktop
Loaded Profiles: bublinka (Available Profiles: bublinka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Task: {01B66E1D-A38C-4E34-AD5B-CEA2B97F3723} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1A6B572B-305A-4E8E-89DC-2AB68F501B7B} - System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe"
Task: {457E0773-263C-44AF-A601-CE88231F03F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {71560483-D9E9-4D02-970C-ECDEE5A80C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7B90F132-1039-441B-99DD-264EC9EC84FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7D885CF2-5168-4B9A-B79C-32CE5CBCD635} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8CB4602D-5E79-403F-8CC7-5100DFCDFD56} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8F42DD19-D14E-4E1A-BF26-510AE17376EB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C0A89418-25E8-447B-8E2C-570F6E829059} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F} - System32\Tasks\0216scUpdateInfo => C:\ProgramData\Avg_Update_0216sc\0216sc_{303F9E5E-1CF4-41CD-91E6-A2E7FEF73ACB}.exe [2970184 2016-03-30] (AVG Technologies CZ, s.r.o. -> )
Task: {D2EFEDAF-61D5-4C52-9E5A-619AA51D9888} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B3B2C7-8AF0-4D0D-A355-5216778C98D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-242124988-2545093545-445695849-1001 -> {8E786F18-A6D8-419F-B12D-3ECF7830B782} URL =
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [X]
2019-05-25 10:12 - 2019-05-25 10:20 - 000000000 ____D C:\ProgramData\McInstTemp0138921558771945
2019-05-23 23:22 - 2019-05-23 23:22 - 000000000 _____ C:\WINDOWS\invcol.tmp
2019-05-25 10:20 - 2018-10-30 07:24 - 000000000 ____D C:\Program Files\McAfee
2019-05-25 10:20 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-05-25 10:20 - 2014-11-01 19:43 - 000000000 ____D C:\ProgramData\McAfee
2019-05-23 23:17 - 2016-11-08 13:33 - 000000000 ____D C:\Program Files (x86)\McAfee
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
C:\Program Files\McAfee Security Scan
C:\Program Files\TrueKey
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 4450
Average :
Sum : 7698843020
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{01B66E1D-A38C-4E34-AD5B-CEA2B97F3723}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01B66E1D-A38C-4E34-AD5B-CEA2B97F3723}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A6B572B-305A-4E8E-89DC-2AB68F501B7B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A6B572B-305A-4E8E-89DC-2AB68F501B7B}" => removed successfully
C:\WINDOWS\System32\Tasks\{A5C32C1C-4276-496E-814E-C24EC7884B4E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A5C32C1C-4276-496E-814E-C24EC7884B4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{457E0773-263C-44AF-A601-CE88231F03F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{457E0773-263C-44AF-A601-CE88231F03F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{71560483-D9E9-4D02-970C-ECDEE5A80C3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71560483-D9E9-4D02-970C-ECDEE5A80C3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B90F132-1039-441B-99DD-264EC9EC84FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B90F132-1039-441B-99DD-264EC9EC84FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D885CF2-5168-4B9A-B79C-32CE5CBCD635}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D885CF2-5168-4B9A-B79C-32CE5CBCD635}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CB4602D-5E79-403F-8CC7-5100DFCDFD56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB4602D-5E79-403F-8CC7-5100DFCDFD56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F42DD19-D14E-4E1A-BF26-510AE17376EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F42DD19-D14E-4E1A-BF26-510AE17376EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0A89418-25E8-447B-8E2C-570F6E829059}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0A89418-25E8-447B-8E2C-570F6E829059}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBD6BD7F-61B1-4828-A3E2-7EFA77D2902F}" => removed successfully
C:\WINDOWS\System32\Tasks\0216scUpdateInfo => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0216scUpdateInfo" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2EFEDAF-61D5-4C52-9E5A-619AA51D9888}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2EFEDAF-61D5-4C52-9E5A-619AA51D9888}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5B3B2C7-8AF0-4D0D-A355-5216778C98D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5B3B2C7-8AF0-4D0D-A355-5216778C98D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8BFFE70-6A84-49DA-B133-5ABDF88C5EDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9B0F07E-5A48-4EA4-AC6A-7866579B7CDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKU\S-1-5-21-242124988-2545093545-445695849-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-242124988-2545093545-445695849-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8E786F18-A6D8-419F-B12D-3ECF7830B782} => removed successfully
HKLM\Software\Classes\CLSID\{8E786F18-A6D8-419F-B12D-3ECF7830B782} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\System\CurrentControlSet\Services\PCDSRVC{B13A77D3-1EFB46EC-06020300}_0 => removed successfully
PCDSRVC{B13A77D3-1EFB46EC-06020300}_0 => service removed successfully
C:\ProgramData\McInstTemp0138921558771945 => moved successfully
C:\WINDOWS\invcol.tmp => moved successfully
C:\Program Files\McAfee => moved successfully
C:\Program Files\Common Files\McAfee => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"C:\Program Files\McAfee Security Scan" => not found
"C:\Program Files\TrueKey" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 233937465 B
Java, Flash, Steam htmlcache => 570 B
Windows/system/drivers => 44462872 B
Edge => 28668 B
Chrome => 364279350 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 9296659 B
systemprofile32 => 0 B
LocalService => 3610 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
bublinka => 55850499 B
RecycleBin => 0 B
EmptyTemp: => 684.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:47:03 ====
Re: kontrola logu
Plocha ma cca 7 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu. Ako to vyzera s PC? Nastala nejaka zmena alebo su este s PC nejake problemy?Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: kontrola logu
Zajtra sa na to pozriem. Odpisujem z mobilu.Pozriem sa, co som nechtiac na plochu kopla s tak velkym suborom.
Dam vediet, ci sa zrychlil.
No zatial celkovo uz lepsie isiel.
Dam vediet, ci sa zrychlil.
No zatial celkovo uz lepsie isiel.
Re: kontrola logu
Subory presunute. Ci nastala zmena vyrazna, zatial nevnimam. No celkovo ok.
Dakujem
Dakujem
Re: kontrola logu
Tak este upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: kontrola logu
OK, tak to by bolo vsetko
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?