Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-08-2019
Ran by DELL (administrator) on DELL-PC (Dell Inc. Latitude E6530) (20-08-2019 18:26:25)
Running from C:\Users\DELL\Downloads
Loaded Profiles: DELL (Available Profiles: DELL)
Platform: Microsoft Windows 10 Pro Version 1809 17763.678 (X86) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.895.0_x86__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8103424 2014-01-15] (Dell Inc.) [File not signed]
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [618160 2019-02-16] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [414176 2018-11-22] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232328 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\MountPoints2: {94abd227-c359-11e9-aeaa-2cd05a86ddf4} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [28672 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk [2019-04-12]
ShortcutTarget: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {166E2075-D5D5-4990-9DA4-89C38ADA21CD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D312CFA-8190-451A-8B41-FA8B86DB7543} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {39586BBD-A52A-42ED-A8DC-2C6643812FCA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42E2BF71-4293-4431-B797-106DA732E6DF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {44FAFC2C-5817-4E3D-A2CB-DBABA7BCB28A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59DBE66E-3189-4EAD-8086-1A9B5B60922D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5DF17F05-47DF-459F-9B0E-41DFCAB22B31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60DA142B-3CF4-474B-99CC-4BFE751BC6B2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EC61E76-B727-464C-B2FF-A64718849B07} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {72E1F0F7-4B9E-47A2-A819-3065853C1577} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {75EF7594-5906-485A-AE2D-681F1380B1DD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8547642E-C842-4F2E-AA92-C66C72C87DD0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3230600 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {8657634B-8EDD-49D5-BB12-41418245E4F5} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2052144 2017-03-14] (NVIDIA Corporation -> )
Task: {870DEAA8-C53E-4C60-A970-E8C7207F280F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9CD84E7B-DD9D-4D2A-B307-726936890E1A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D3937B9-6E62-4D16-9189-8A19181E7E30} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A500735E-7976-49FE-8303-5BBDC0A4696F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A9AC791B-EC07-458D-99CF-F29DB6DB5AEA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4FBCC9E-5A17-41DD-B186-630F696E4203} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B7BE75DF-26E2-4649-9FAD-EF675D70F366} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B8CB0B35-B006-45C0-B963-031B3761E984} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {B8F5A058-8200-4DAC-915D-F1C0BE565408} - System32\Tasks\{A2DD10D9-6C94-4A47-8A59-C505FFE5DE10} => C:\Windows\system32\pcalua.exe -a "E:\Instal E6530\Zmazat\DIAG_Network_Intel_A09_x64-YMH42_setup_ZPE.exe" -d "E:\Instal E6530\Zmazat"
Task: {BD166CFA-2DAE-4CFC-9CDE-60E7C268A17F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCAD4620-6EF3-4B86-A153-F3D7B57EC5E2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [628024 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D0BBB1E3-C830-4E38-9C5A-37864CC75D7E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1695112 2019-08-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {D19C5C44-EC7E-4622-ABF2-D7275BF26378} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5D3EB08-B1DE-4BDA-8312-14184E1154E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2B49E31-40AB-4928-9A30-F7C2738A9B1A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E3EFA5FD-3E3E-42C7-BFCD-FDAC460614DA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {E87F8226-67CF-414C-857A-F1EA90887757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {EC7BBBAB-B51B-4AAE-9AA6-41B77AF24F3E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {F73AE186-AEAA-42C3-A91E-8CFAFEECE652} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FAC719A2-5E5D-4395-B7FD-17B5D20EC73A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCB8E765-3F15-413D-864F-4D01B5A05504} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{20B6AA30-FE04-4E58-9240-1B9A4258DD3E}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{3BE8DB99-FF1C-4BC0-AD98-A74F087B236F}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Internet Explorer:
==================
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> {99DE3153-E283-4F43-962D-248CA99E4D9F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 4izo1xz2.default
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default [2019-08-20]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-08-18]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2019-04-05]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\sp@avast.com.xpi [2019-08-20]
FF Extension: (Avast Online Security) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\wrc@avast.com.xpi [2019-08-20]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-07-24] (Adobe Inc. -> Adobe Systems)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87296 2019-02-16] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [4869072 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [356792 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1730840 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [290208 2015-07-30] (Intel Corporation - pGFX -> Intel Corporation)
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [283552 2015-07-30] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [728360 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [121240 2013-01-03] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3594288 2019-08-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3266088 2019-08-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [91648 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5456896 2014-01-15] (Dell Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [34480 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174256 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225600 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [171000 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [56288 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [14976 2019-08-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [219912 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [140376 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [100984 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72792 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [783016 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [404312 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176240 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [313840 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [164136 2019-02-16] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM42RLY; C:\WINDOWS\System32\drivers\BCM42RLY.sys [19664 2014-01-15] (Broadcom Corporation -> Broadcom Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63.sys [6795992 2019-02-16] (Broadcom Corporation -> Broadcom Corporation)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [186688 2019-02-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [31560 2019-02-16] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c6532.sys [391120 2019-02-16] (Intel(R) INTELNPG1 -> Intel Corporation)
R3 ICCWDT; C:\WINDOWS\System32\drivers\ICCWDT.sys [34360 2019-02-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44096 2015-06-26] (Intel(R) Wireless Display -> Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35904 2015-06-26] (Intel(R) Wireless Display -> Intel Corporation)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [163896 2019-02-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [31048 2013-02-21] (Intel Corporation -> Intel Corporation )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_x86_435be23e36dc297f\nvlddmkm.sys [12227512 2017-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S0 nvpciflt; C:\WINDOWS\System32\DRIVERS\nvpciflt.sys [44592 2017-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [26768 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [130216 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S3 UrsSynopsys; C:\WINDOWS\System32\drivers\urssynopsys.sys [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38904 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [279592 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [46120 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [192512 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-20 18:26 - 2019-08-20 18:27 - 000024663 _____ C:\Users\DELL\Downloads\FRST.txt
2019-08-20 18:26 - 2019-08-20 18:26 - 000000000 ____D C:\FRST
2019-08-20 18:25 - 2019-08-20 18:25 - 001612800 _____ (Farbar) C:\Users\DELL\Downloads\FRST64.exe
2019-08-20 18:25 - 2019-08-20 18:25 - 001448960 _____ (Farbar) C:\Users\DELL\Downloads\FRST.exe
2019-08-20 18:09 - 2019-08-20 18:09 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-08-20 18:09 - 2019-08-20 18:09 - 000002148 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-08-20 18:09 - 2019-08-20 18:09 - 000000000 ____D C:\Users\DELL\AppData\Roaming\AVAST Software
2019-08-20 18:06 - 2019-08-20 18:05 - 000783016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000404312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000313840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000312200 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-08-20 18:06 - 2019-08-20 18:05 - 000225600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000219912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000176240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000174256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000171000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000140376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000100984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000072792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000056288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000040688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000034480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000014976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-08-20 18:03 - 2019-08-20 18:03 - 000000000 ____D C:\Program Files\AVAST Software
2019-08-20 18:00 - 2019-08-20 18:00 - 000230080 _____ (AVAST Software) C:\Users\DELL\Downloads\avast_free_antivirus_setup_online.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 002460160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001466880 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000644408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000226912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000079160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000074664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-18 19:33 - 2019-08-18 19:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000027152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-08-18 19:32 - 2019-08-18 19:32 - 020816896 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002278792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-18 19:32 - 2019-08-18 19:32 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001458784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001136640 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001019568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 001009208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000876344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-18 19:32 - 2019-08-18 19:32 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-18 19:32 - 2019-08-18 19:32 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 006899512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002711864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002593544 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002173456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 002137400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 002039336 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001468944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001358344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-18 19:31 - 2019-08-18 19:31 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 001220480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 001206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001095464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-18 19:31 - 2019-08-18 19:31 - 001044480 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000994272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000841232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000778384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000763904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000668072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000546632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000467256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000442168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000382776 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000382776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000364344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000331792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-18 19:31 - 2019-08-18 19:31 - 000305976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000278840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000228880 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000199696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2019-08-18 19:31 - 2019-08-18 19:31 - 000195384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000160784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000138768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000106296 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 020658416 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 006544552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 004882904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 004007424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 003283968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 002472448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002443264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002402304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002054968 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001618944 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001377280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001344368 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000603280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000551096 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000331808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000289688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000213520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000141448 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000096744 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000078136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 004764896 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 004016128 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 003818632 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002846720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002566456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002023936 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001321984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001085968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000800736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000794936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000755064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000721672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000671544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000520200 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000516112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-08-18 19:29 - 2019-08-18 19:29 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000341816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000284984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000149520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001713976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000927264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000631824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000539448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000526864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000499000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000414760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000365880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-08-18 19:28 - 2019-08-18 19:28 - 000283664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000241168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000236856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000190264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-18 19:28 - 2019-08-18 19:28 - 000026424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-18 19:21 - 2019-08-20 17:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-20 18:19 - 2019-02-16 09:11 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-20 18:19 - 2019-02-16 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-20 18:19 - 2019-02-16 09:11 - 000000000 ____D C:\Program Files\WinRAR
2019-08-20 18:19 - 2019-02-16 08:24 - 000001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-20 18:18 - 2019-04-04 11:13 - 000000000 ____D C:\Program Files\Google
2019-08-20 18:06 - 2018-09-15 07:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-20 18:02 - 2019-02-16 15:03 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-20 18:02 - 2019-02-16 08:31 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-20 18:02 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\INF
2019-08-20 17:59 - 2019-04-05 08:08 - 000000000 ____D C:\Users\DELL\AppData\LocalLow\Mozilla
2019-08-20 17:58 - 2019-02-15 21:41 - 000000000 __SHD C:\Users\DELL\IntelGraphicsProfiles
2019-08-20 17:58 - 2018-09-15 07:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-20 17:57 - 2019-02-16 15:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-20 17:57 - 2019-02-15 21:36 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-20 17:56 - 2019-02-16 15:10 - 000000000 ____D C:\Users\DELL\AppData\Local\Packages
2019-08-20 17:56 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-20 17:56 - 2018-09-15 06:08 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-20 17:55 - 2019-02-15 21:37 - 000606264 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-08-20 17:55 - 2019-02-15 21:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-08-20 17:54 - 2019-02-15 21:33 - 000000000 ____D C:\Program Files\Common Files\AV
2019-08-20 17:52 - 2018-09-15 07:10 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-20 17:48 - 2019-04-05 08:08 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-08-20 17:45 - 2018-09-15 06:08 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-20 16:52 - 2019-04-05 08:08 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-20 16:51 - 2019-02-16 15:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-20 16:51 - 2019-02-16 15:11 - 000000000 ___RD C:\Users\DELL\3D Objects
2019-08-20 16:49 - 2019-02-16 14:56 - 000436424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-20 16:45 - 2018-09-15 06:08 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-08-20 16:44 - 2018-09-15 15:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ___RD C:\Program Files\Windows Defender
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-20 16:42 - 2019-02-16 14:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-18 19:42 - 2018-09-15 07:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-18 19:31 - 2019-02-16 05:32 - 000408644 __RSH C:\bootmgr
2019-08-18 19:13 - 2019-02-16 06:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-18 19:11 - 2019-02-15 23:20 - 131096328 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-08-2019
Ran by DELL (20-08-2019 18:28:06)
Running from C:\Users\DELL\Downloads
Microsoft Windows 10 Pro Version 1809 17763.678 (X86) (2019-02-16 13:10:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-527371810-1592208594-1481903311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-527371810-1592208594-1481903311-503 - Limited - Disabled)
DELL (S-1-5-21-527371810-1592208594-1481903311-1000 - Administrator - Enabled) => C:\Users\DELL
Guest (S-1-5-21-527371810-1592208594-1481903311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-527371810-1592208594-1481903311-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-527371810-1592208594-1481903311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.120 - ALPS ELECTRIC CO., LTD.)
DisplayLink Core Software (HKLM\...\{1727AE80-36D8-46E9-9837-06A72F771B5A}) (Version: 7.2.47873.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{E987ACF0-5BBB-4EF8-836C-80468AFA4AD8}) (Version: 7.2.47873.0 - DisplayLink Corp.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.215 - Dell Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 18.1.59.00 (HKLM\...\PROSetDX) (Version: 18.1.59.00 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 68.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x86 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2.7164 - Mozilla)
NVIDIA Grafický ovládač 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.03 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 7.3 - Power Software Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.21a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC_CRT_x86 (HKLM\...\{8054D734-39C7-463D-B764-9C883982B8F9}) (Version: 1.02.0000 - Intel Corporation) Hidden
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x86__rz1tebttyb220 [2019-03-27] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x86__6mqt6hf9g46tw [2019-02-16] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-16] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x86__8wekyb3d8bbwe [2019-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x86__8wekyb3d8bbwe [2019-08-20] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x86__nfy108tqq3p12 [2019-02-16] (Thumbmunkeys Ltd) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> no filepath
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-03-14] (NVIDIA Corporation -> )
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-02-16 15:04 - 2019-02-16 15:04 - 000068608 _____ (Broadcom Corporation) [File not signed] C:\WINDOWS\assembly\GAC_32\bcmwlrmt\6.30.223.0__6d6a20262490fcdc\bcmwlrmt.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 000052224 _____ (Broadcom Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wltrynt.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 003061248 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\bcmpeerapi.dll
2019-02-16 10:51 - 2013-07-18 10:42 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-04-14 16:51 - 2019-04-14 16:51 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2019-02-16 15:30 - 2016-12-29 14:29 - 000315400 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 000273920 _____ (TODO: <Company name>) [File not signed] C:\Program Files\Dell\DW WLAN Card\bcmfshapi.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-02-15 21:45 - 000000950 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 app.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Dell\DW WLAN Card;;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\UCRT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
HKLM\...\StartupApproved\Run: => "PWRISOVM.EXE"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4852BA22-E303-4FD8-9C46-C72D4BC69C90}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AB24780B-E2D8-4524-BA7B-96D9DEC620C8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{422F204D-14E3-46E2-95A0-07168A48D2DB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEF2151B-DDDE-42B1-A1E5-B190DF2A9551}] => (Allow) LPort=1688
FirewallRules: [{E32B9BF3-0C1C-4C36-8F22-129FFF3381DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4AC64AC2-4387-42C6-87A3-398378968798}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
24-07-2019 10:53:48 Windows Update
18-08-2019 19:10:26 Windows Update
==================== Faulty Device Manager Devices =============
Name: Airplane Mode Switch
Description: Airplane Mode Switch
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Dell Inc
Service: DellRbtn
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/20/2019 06:02:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 06:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:56:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:56:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:53:39 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (08/20/2019 05:40:58 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Produkt: Kaspersky Free – Aktualizáciu KIS 2019 MP0 family (Patch g) sa nepodarilo nainštalovať. Kód chyby je 1603. Ďalšie informácie sú uvedené v súbore denníka C:\WINDOWS\TEMP\MSIf0932.LOG.
Error: (08/20/2019 04:56:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 04:56:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (08/20/2019 06:24:31 PM) (Source: DCOM) (EventID: 10016) (User: DELL-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DELL-PC\DELL SID (S-1-5-21-527371810-1592208594-1481903311-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/20/2019 06:24:31 PM) (Source: DCOM) (EventID: 10016) (User: DELL-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DELL-PC\DELL SID (S-1-5-21-527371810-1592208594-1481903311-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/20/2019 06:17:39 PM) (Source: DCOM) (EventID: 10016) (User: DELL-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DELL-PC\DELL SID (S-1-5-21-527371810-1592208594-1481903311-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/20/2019 06:15:51 PM) (Source: DCOM) (EventID: 10016) (User: DELL-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DELL-PC\DELL SID (S-1-5-21-527371810-1592208594-1481903311-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/20/2019 06:00:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/20/2019 06:00:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/20/2019 06:00:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/20/2019 05:58:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2019-02-16 14:24:27.004
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2019-02-16 14:23:54.415
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2019-02-16 14:23:27.990
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
CodeIntegrity:
===================================
Date: 2019-08-20 18:18:00.445
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 19:55:19.760
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 19:55:19.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 19:55:19.620
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 19:55:17.743
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 19:55:17.627
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 19:55:17.579
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 19:55:13.944
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A22 11/30/2018
Motherboard: Dell Inc. 07Y85M
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 67%
Total physical RAM: 3259 MB
Available physical RAM: 1046.17 MB
Total Virtual: 6587 MB
Available Virtual: 3993.01 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:102.21 GB) (Free:74.14 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: () (Fixed) (Total:195.31 GB) (Free:173.65 GB) NTFS
\\?\Volume{32723148-3150-11e9-b6e5-806e6f6e6963}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 65D7E6F6)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=102.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=481 MB) - (Type=27)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
poprosim o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: poprosim o preventivku
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: poprosim o preventivku
Ahoj
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-22-2019
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Seznam.cz
Deleted C:\Users\DELL\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Seznam.cz
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1448 octets] - [22/08/2019 09:32:29]
AdwCleaner[S01].txt - [1509 octets] - [22/08/2019 09:34:27]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-22-2019
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Seznam.cz
Deleted C:\Users\DELL\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Seznam.cz
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1448 octets] - [22/08/2019 09:32:29]
AdwCleaner[S01].txt - [1509 octets] - [22/08/2019 09:34:27]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Re: poprosim o preventivku
Poprosim o obidva nove logy z FRST.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: poprosim o preventivku
Ahoj
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-08-2019
Ran by DELL (administrator) on DELL-PC (Dell Inc. Latitude E6530) (23-08-2019 09:12:27)
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Platform: Microsoft Windows 10 Pro Version 1809 17763.678 (X86) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11906.1001.24.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x86__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.649_none_220d598194935132\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8103424 2014-01-15] (Dell Inc.) [File not signed]
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [618160 2019-02-16] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [414176 2018-11-22] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232328 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\MountPoints2: {94abd227-c359-11e9-aeaa-2cd05a86ddf4} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [28672 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk [2019-04-12]
ShortcutTarget: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {166E2075-D5D5-4990-9DA4-89C38ADA21CD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D312CFA-8190-451A-8B41-FA8B86DB7543} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {39586BBD-A52A-42ED-A8DC-2C6643812FCA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42E2BF71-4293-4431-B797-106DA732E6DF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {44FAFC2C-5817-4E3D-A2CB-DBABA7BCB28A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59DBE66E-3189-4EAD-8086-1A9B5B60922D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5DF17F05-47DF-459F-9B0E-41DFCAB22B31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60DA142B-3CF4-474B-99CC-4BFE751BC6B2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EC61E76-B727-464C-B2FF-A64718849B07} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {72E1F0F7-4B9E-47A2-A819-3065853C1577} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {75EF7594-5906-485A-AE2D-681F1380B1DD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8547642E-C842-4F2E-AA92-C66C72C87DD0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3230600 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {8657634B-8EDD-49D5-BB12-41418245E4F5} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2052144 2017-03-14] (NVIDIA Corporation -> )
Task: {870DEAA8-C53E-4C60-A970-E8C7207F280F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9CD84E7B-DD9D-4D2A-B307-726936890E1A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D3937B9-6E62-4D16-9189-8A19181E7E30} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A500735E-7976-49FE-8303-5BBDC0A4696F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A9AC791B-EC07-458D-99CF-F29DB6DB5AEA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4FBCC9E-5A17-41DD-B186-630F696E4203} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B7BE75DF-26E2-4649-9FAD-EF675D70F366} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B8CB0B35-B006-45C0-B963-031B3761E984} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {B8F5A058-8200-4DAC-915D-F1C0BE565408} - System32\Tasks\{A2DD10D9-6C94-4A47-8A59-C505FFE5DE10} => C:\Windows\system32\pcalua.exe -a "E:\Instal E6530\Zmazat\DIAG_Network_Intel_A09_x64-YMH42_setup_ZPE.exe" -d "E:\Instal E6530\Zmazat"
Task: {BD166CFA-2DAE-4CFC-9CDE-60E7C268A17F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCAD4620-6EF3-4B86-A153-F3D7B57EC5E2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [628024 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D0BBB1E3-C830-4E38-9C5A-37864CC75D7E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1693064 2019-08-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {D19C5C44-EC7E-4622-ABF2-D7275BF26378} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5D3EB08-B1DE-4BDA-8312-14184E1154E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2B49E31-40AB-4928-9A30-F7C2738A9B1A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E3EFA5FD-3E3E-42C7-BFCD-FDAC460614DA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {E87F8226-67CF-414C-857A-F1EA90887757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {EC7BBBAB-B51B-4AAE-9AA6-41B77AF24F3E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {F73AE186-AEAA-42C3-A91E-8CFAFEECE652} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FAC719A2-5E5D-4395-B7FD-17B5D20EC73A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCB8E765-3F15-413D-864F-4D01B5A05504} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{20B6AA30-FE04-4E58-9240-1B9A4258DD3E}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{3BE8DB99-FF1C-4BC0-AD98-A74F087B236F}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Internet Explorer:
==================
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> {99DE3153-E283-4F43-962D-248CA99E4D9F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 4izo1xz2.default
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default [2019-08-23]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-08-18]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2019-04-05]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\sp@avast.com.xpi [2019-08-23]
FF Extension: (Avast Online Security) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\wrc@avast.com.xpi [2019-08-23]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-07-24] (Adobe Inc. -> Adobe Systems)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87296 2019-02-16] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [4869072 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [356792 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1730840 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [290208 2015-07-30] (Intel Corporation - pGFX -> Intel Corporation)
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [283552 2015-07-30] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [728360 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [121240 2013-01-03] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3594288 2019-08-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3266088 2019-08-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [91648 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5456896 2014-01-15] (Dell Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [34480 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174256 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225600 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [171000 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [56288 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [14976 2019-08-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [219912 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [140376 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [100984 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72792 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [783016 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [404312 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176240 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [313840 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [164136 2019-02-16] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM42RLY; C:\WINDOWS\System32\drivers\BCM42RLY.sys [19664 2014-01-15] (Broadcom Corporation -> Broadcom Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63.sys [6795992 2019-02-16] (Broadcom Corporation -> Broadcom Corporation)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [186688 2019-02-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [31560 2019-02-16] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c6532.sys [391120 2019-02-16] (Intel(R) INTELNPG1 -> Intel Corporation)
R3 ICCWDT; C:\WINDOWS\System32\drivers\ICCWDT.sys [34360 2019-02-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44096 2015-06-26] (Intel(R) Wireless Display -> Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35904 2015-06-26] (Intel(R) Wireless Display -> Intel Corporation)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [163896 2019-02-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [31048 2013-02-21] (Intel Corporation -> Intel Corporation )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_x86_435be23e36dc297f\nvlddmkm.sys [12227512 2017-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S0 nvpciflt; C:\WINDOWS\System32\DRIVERS\nvpciflt.sys [44592 2017-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [26768 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [130216 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S3 UrsSynopsys; C:\WINDOWS\System32\drivers\urssynopsys.sys [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38904 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [279592 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [46120 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [192512 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-23 09:12 - 2019-08-23 09:13 - 000024743 _____ C:\Users\DELL\Desktop\FRST.txt
2019-08-23 09:10 - 2019-08-23 09:10 - 000000000 ____D C:\Users\DELL\Desktop\FRST-OlderVersion
2019-08-22 09:33 - 2019-08-22 09:33 - 007623880 _____ (Malwarebytes) C:\Users\DELL\Downloads\adwcleaner_7.4(1).exe
2019-08-22 09:31 - 2019-08-22 09:34 - 000000000 ____D C:\AdwCleaner
2019-08-22 09:30 - 2019-08-22 09:30 - 007623880 _____ (Malwarebytes) C:\Users\DELL\Desktop\adwcleaner_7.4.exe
2019-08-20 18:28 - 2019-08-20 18:29 - 000030075 _____ C:\Users\DELL\Downloads\Addition.txt
2019-08-20 18:26 - 2019-08-23 09:12 - 000000000 ____D C:\FRST
2019-08-20 18:26 - 2019-08-20 18:29 - 000079877 _____ C:\Users\DELL\Downloads\FRST.txt
2019-08-20 18:25 - 2019-08-23 09:10 - 001448960 _____ (Farbar) C:\Users\DELL\Desktop\FRST.exe
2019-08-20 18:25 - 2019-08-20 18:25 - 001612800 _____ (Farbar) C:\Users\DELL\Downloads\FRST64.exe
2019-08-20 18:09 - 2019-08-20 18:09 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-08-20 18:09 - 2019-08-20 18:09 - 000002148 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-08-20 18:09 - 2019-08-20 18:09 - 000000000 ____D C:\Users\DELL\AppData\Roaming\AVAST Software
2019-08-20 18:06 - 2019-08-20 18:05 - 000783016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000404312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000313840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000312200 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-08-20 18:06 - 2019-08-20 18:05 - 000225600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000219912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000176240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000174256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000171000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000140376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000100984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000072792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000056288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000040688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000034480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000014976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-08-20 18:03 - 2019-08-20 18:03 - 000000000 ____D C:\Program Files\AVAST Software
2019-08-20 18:00 - 2019-08-20 18:00 - 000230080 _____ (AVAST Software) C:\Users\DELL\Downloads\avast_free_antivirus_setup_online.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 002460160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001466880 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000644408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000226912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000079160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000074664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-18 19:33 - 2019-08-18 19:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000027152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-08-18 19:32 - 2019-08-18 19:32 - 020816896 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002278792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-18 19:32 - 2019-08-18 19:32 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001458784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001136640 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001019568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 001009208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000876344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-18 19:32 - 2019-08-18 19:32 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-18 19:32 - 2019-08-18 19:32 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 006899512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002711864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002593544 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002173456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 002137400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 002039336 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001468944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001358344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-18 19:31 - 2019-08-18 19:31 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 001220480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 001206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001095464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-18 19:31 - 2019-08-18 19:31 - 001044480 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000994272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000841232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000778384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000763904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000668072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000546632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000467256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000442168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000382776 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000382776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000364344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000331792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-18 19:31 - 2019-08-18 19:31 - 000305976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000278840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000228880 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000199696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2019-08-18 19:31 - 2019-08-18 19:31 - 000195384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000160784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000138768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000106296 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 020658416 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 006544552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 004882904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 004007424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 003283968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 002472448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002443264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002402304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002054968 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001618944 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001377280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001344368 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000603280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000551096 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000331808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000289688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000213520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000141448 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000096744 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000078136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 004764896 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 004016128 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 003818632 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002846720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002566456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002023936 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001321984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001085968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000800736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000794936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000755064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000721672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000671544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000520200 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000516112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-08-18 19:29 - 2019-08-18 19:29 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000341816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000284984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000149520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001713976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000927264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000631824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000539448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000526864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000499000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000414760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000365880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-08-18 19:28 - 2019-08-18 19:28 - 000283664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000241168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000236856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000190264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-18 19:28 - 2019-08-18 19:28 - 000026424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-18 19:21 - 2019-08-20 17:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-23 09:08 - 2019-04-05 08:08 - 000000000 ____D C:\Users\DELL\AppData\LocalLow\Mozilla
2019-08-22 16:02 - 2018-09-15 07:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-22 09:41 - 2019-02-16 15:03 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-22 09:41 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\INF
2019-08-22 09:36 - 2019-02-16 15:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-22 09:36 - 2019-02-15 21:41 - 000000000 __SHD C:\Users\DELL\IntelGraphicsProfiles
2019-08-22 09:36 - 2019-02-15 21:36 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-22 09:35 - 2019-02-16 09:11 - 000000000 ____D C:\Program Files\WinRAR
2019-08-22 09:35 - 2018-09-15 06:08 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-22 09:28 - 2019-02-16 14:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-21 18:34 - 2018-09-15 07:10 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-21 18:34 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-20 18:19 - 2019-02-16 09:11 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-20 18:19 - 2019-02-16 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-20 18:19 - 2019-02-16 08:24 - 000001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-20 18:18 - 2019-04-04 11:13 - 000000000 ____D C:\Program Files\Google
2019-08-20 18:06 - 2018-09-15 07:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-20 18:02 - 2019-02-16 08:31 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-20 17:56 - 2019-02-16 15:10 - 000000000 ____D C:\Users\DELL\AppData\Local\Packages
2019-08-20 17:55 - 2019-02-15 21:37 - 000606264 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-08-20 17:55 - 2019-02-15 21:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-08-20 17:54 - 2019-02-15 21:33 - 000000000 ____D C:\Program Files\Common Files\AV
2019-08-20 17:48 - 2019-04-05 08:08 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-08-20 17:45 - 2018-09-15 06:08 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-20 16:52 - 2019-04-05 08:08 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-20 16:51 - 2019-02-16 15:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-20 16:51 - 2019-02-16 15:11 - 000000000 ___RD C:\Users\DELL\3D Objects
2019-08-20 16:49 - 2019-02-16 14:56 - 000436424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-20 16:45 - 2018-09-15 06:08 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-08-20 16:44 - 2018-09-15 15:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ___RD C:\Program Files\Windows Defender
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-18 19:42 - 2018-09-15 07:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-18 19:31 - 2019-02-16 05:32 - 000408644 __RSH C:\bootmgr
2019-08-18 19:13 - 2019-02-16 06:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-18 19:11 - 2019-02-15 23:20 - 131096328 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-08-2019
Ran by DELL (23-08-2019 09:14:10)
Running from C:\Users\DELL\Desktop
Microsoft Windows 10 Pro Version 1809 17763.678 (X86) (2019-02-16 13:10:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-527371810-1592208594-1481903311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-527371810-1592208594-1481903311-503 - Limited - Disabled)
DELL (S-1-5-21-527371810-1592208594-1481903311-1000 - Administrator - Enabled) => C:\Users\DELL
Guest (S-1-5-21-527371810-1592208594-1481903311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-527371810-1592208594-1481903311-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-527371810-1592208594-1481903311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.120 - ALPS ELECTRIC CO., LTD.)
DisplayLink Core Software (HKLM\...\{1727AE80-36D8-46E9-9837-06A72F771B5A}) (Version: 7.2.47873.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{E987ACF0-5BBB-4EF8-836C-80468AFA4AD8}) (Version: 7.2.47873.0 - DisplayLink Corp.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.215 - Dell Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 18.1.59.00 (HKLM\...\PROSetDX) (Version: 18.1.59.00 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 68.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x86 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2.7164 - Mozilla)
NVIDIA Grafický ovládač 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.03 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 7.3 - Power Software Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.21a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC_CRT_x86 (HKLM\...\{8054D734-39C7-463D-B764-9C883982B8F9}) (Version: 1.02.0000 - Intel Corporation) Hidden
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x86__rz1tebttyb220 [2019-03-27] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x86__6mqt6hf9g46tw [2019-02-16] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-16] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x86__8wekyb3d8bbwe [2019-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x86__8wekyb3d8bbwe [2019-08-20] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x86__nfy108tqq3p12 [2019-02-16] (Thumbmunkeys Ltd) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> no filepath
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-03-14] (NVIDIA Corporation -> )
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-02-16 15:04 - 2019-02-16 15:04 - 000068608 _____ (Broadcom Corporation) [File not signed] C:\WINDOWS\assembly\GAC_32\bcmwlrmt\6.30.223.0__6d6a20262490fcdc\bcmwlrmt.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 000052224 _____ (Broadcom Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wltrynt.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 003061248 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\bcmpeerapi.dll
2019-02-16 10:51 - 2013-07-18 10:42 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-04-14 16:51 - 2019-04-14 16:51 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2019-02-16 15:30 - 2016-12-29 14:29 - 000315400 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 000273920 _____ (TODO: <Company name>) [File not signed] C:\Program Files\Dell\DW WLAN Card\bcmfshapi.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-02-15 21:45 - 000000950 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 app.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Dell\DW WLAN Card;;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\UCRT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
HKLM\...\StartupApproved\Run: => "PWRISOVM.EXE"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4852BA22-E303-4FD8-9C46-C72D4BC69C90}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AB24780B-E2D8-4524-BA7B-96D9DEC620C8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{422F204D-14E3-46E2-95A0-07168A48D2DB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEF2151B-DDDE-42B1-A1E5-B190DF2A9551}] => (Allow) LPort=1688
FirewallRules: [{E32B9BF3-0C1C-4C36-8F22-129FFF3381DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4AC64AC2-4387-42C6-87A3-398378968798}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
24-07-2019 10:53:48 Windows Update
18-08-2019 19:10:26 Windows Update
==================== Faulty Device Manager Devices =============
Name: Airplane Mode Switch
Description: Airplane Mode Switch
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Dell Inc
Service: DellRbtn
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/22/2019 09:41:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/22/2019 09:41:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 06:02:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 06:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:56:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:56:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:53:39 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (08/20/2019 05:40:58 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Produkt: Kaspersky Free – Aktualizáciu KIS 2019 MP0 family (Patch g) sa nepodarilo nainštalovať. Kód chyby je 1603. Ďalšie informácie sú uvedené v súbore denníka C:\WINDOWS\TEMP\MSIf0932.LOG.
System errors:
=============
Error: (08/22/2019 09:36:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/22/2019 09:36:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/22/2019 09:35:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv.dll
Error: (08/22/2019 09:35:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv.dll
Error: (08/22/2019 09:34:55 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (08/22/2019 09:34:54 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv.dll
Error: (08/22/2019 09:34:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Message Queuing sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (08/22/2019 09:34:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Windows Defender:
===================================
Date: 2019-02-16 14:24:27.004
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2019-02-16 14:23:54.415
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2019-02-16 14:23:27.990
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
CodeIntegrity:
===================================
Date: 2019-08-20 18:56:12.839
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.754
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.697
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.540
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.476
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.402
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:11.025
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:10.632
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A22 11/30/2018
Motherboard: Dell Inc. 07Y85M
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 66%
Total physical RAM: 3259 MB
Available physical RAM: 1078.96 MB
Total Virtual: 6587 MB
Available Virtual: 3531.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:102.21 GB) (Free:71.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: () (Fixed) (Total:195.31 GB) (Free:173.65 GB) NTFS
\\?\Volume{32723148-3150-11e9-b6e5-806e6f6e6963}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 65D7E6F6)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=102.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=481 MB) - (Type=27)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-08-2019
Ran by DELL (administrator) on DELL-PC (Dell Inc. Latitude E6530) (23-08-2019 09:12:27)
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Platform: Microsoft Windows 10 Pro Version 1809 17763.678 (X86) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11906.1001.24.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x86__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.649_none_220d598194935132\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8103424 2014-01-15] (Dell Inc.) [File not signed]
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [618160 2019-02-16] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [414176 2018-11-22] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232328 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\MountPoints2: {94abd227-c359-11e9-aeaa-2cd05a86ddf4} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [28672 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk [2019-04-12]
ShortcutTarget: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {166E2075-D5D5-4990-9DA4-89C38ADA21CD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D312CFA-8190-451A-8B41-FA8B86DB7543} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {39586BBD-A52A-42ED-A8DC-2C6643812FCA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42E2BF71-4293-4431-B797-106DA732E6DF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {44FAFC2C-5817-4E3D-A2CB-DBABA7BCB28A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59DBE66E-3189-4EAD-8086-1A9B5B60922D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5DF17F05-47DF-459F-9B0E-41DFCAB22B31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60DA142B-3CF4-474B-99CC-4BFE751BC6B2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EC61E76-B727-464C-B2FF-A64718849B07} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {72E1F0F7-4B9E-47A2-A819-3065853C1577} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {75EF7594-5906-485A-AE2D-681F1380B1DD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8547642E-C842-4F2E-AA92-C66C72C87DD0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3230600 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {8657634B-8EDD-49D5-BB12-41418245E4F5} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2052144 2017-03-14] (NVIDIA Corporation -> )
Task: {870DEAA8-C53E-4C60-A970-E8C7207F280F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9CD84E7B-DD9D-4D2A-B307-726936890E1A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D3937B9-6E62-4D16-9189-8A19181E7E30} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A500735E-7976-49FE-8303-5BBDC0A4696F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A9AC791B-EC07-458D-99CF-F29DB6DB5AEA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4FBCC9E-5A17-41DD-B186-630F696E4203} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B7BE75DF-26E2-4649-9FAD-EF675D70F366} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B8CB0B35-B006-45C0-B963-031B3761E984} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {B8F5A058-8200-4DAC-915D-F1C0BE565408} - System32\Tasks\{A2DD10D9-6C94-4A47-8A59-C505FFE5DE10} => C:\Windows\system32\pcalua.exe -a "E:\Instal E6530\Zmazat\DIAG_Network_Intel_A09_x64-YMH42_setup_ZPE.exe" -d "E:\Instal E6530\Zmazat"
Task: {BD166CFA-2DAE-4CFC-9CDE-60E7C268A17F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCAD4620-6EF3-4B86-A153-F3D7B57EC5E2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [628024 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D0BBB1E3-C830-4E38-9C5A-37864CC75D7E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1693064 2019-08-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {D19C5C44-EC7E-4622-ABF2-D7275BF26378} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5D3EB08-B1DE-4BDA-8312-14184E1154E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2B49E31-40AB-4928-9A30-F7C2738A9B1A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E3EFA5FD-3E3E-42C7-BFCD-FDAC460614DA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {E87F8226-67CF-414C-857A-F1EA90887757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {EC7BBBAB-B51B-4AAE-9AA6-41B77AF24F3E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {F73AE186-AEAA-42C3-A91E-8CFAFEECE652} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FAC719A2-5E5D-4395-B7FD-17B5D20EC73A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCB8E765-3F15-413D-864F-4D01B5A05504} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{20B6AA30-FE04-4E58-9240-1B9A4258DD3E}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{3BE8DB99-FF1C-4BC0-AD98-A74F087B236F}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Internet Explorer:
==================
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> {99DE3153-E283-4F43-962D-248CA99E4D9F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 4izo1xz2.default
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default [2019-08-23]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-08-18]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2019-04-05]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\sp@avast.com.xpi [2019-08-23]
FF Extension: (Avast Online Security) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\4izo1xz2.default\Extensions\wrc@avast.com.xpi [2019-08-23]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-07-24] (Adobe Inc. -> Adobe Systems)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87296 2019-02-16] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [4869072 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [356792 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1730840 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [290208 2015-07-30] (Intel Corporation - pGFX -> Intel Corporation)
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [283552 2015-07-30] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [728360 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [121240 2013-01-03] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3594288 2019-08-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3266088 2019-08-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [91648 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5456896 2014-01-15] (Dell Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [34480 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174256 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225600 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [171000 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [56288 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [14976 2019-08-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [219912 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40688 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [140376 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [100984 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72792 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [783016 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [404312 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176240 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [313840 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [164136 2019-02-16] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM42RLY; C:\WINDOWS\System32\drivers\BCM42RLY.sys [19664 2014-01-15] (Broadcom Corporation -> Broadcom Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63.sys [6795992 2019-02-16] (Broadcom Corporation -> Broadcom Corporation)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [186688 2019-02-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [31560 2019-02-16] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c6532.sys [391120 2019-02-16] (Intel(R) INTELNPG1 -> Intel Corporation)
R3 ICCWDT; C:\WINDOWS\System32\drivers\ICCWDT.sys [34360 2019-02-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44096 2015-06-26] (Intel(R) Wireless Display -> Intel Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35904 2015-06-26] (Intel(R) Wireless Display -> Intel Corporation)
R3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [163896 2019-02-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [31048 2013-02-21] (Intel Corporation -> Intel Corporation )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_x86_435be23e36dc297f\nvlddmkm.sys [12227512 2017-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S0 nvpciflt; C:\WINDOWS\System32\DRIVERS\nvpciflt.sys [44592 2017-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [26768 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [130216 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S3 UrsSynopsys; C:\WINDOWS\System32\drivers\urssynopsys.sys [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38904 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [279592 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [46120 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [192512 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-23 09:12 - 2019-08-23 09:13 - 000024743 _____ C:\Users\DELL\Desktop\FRST.txt
2019-08-23 09:10 - 2019-08-23 09:10 - 000000000 ____D C:\Users\DELL\Desktop\FRST-OlderVersion
2019-08-22 09:33 - 2019-08-22 09:33 - 007623880 _____ (Malwarebytes) C:\Users\DELL\Downloads\adwcleaner_7.4(1).exe
2019-08-22 09:31 - 2019-08-22 09:34 - 000000000 ____D C:\AdwCleaner
2019-08-22 09:30 - 2019-08-22 09:30 - 007623880 _____ (Malwarebytes) C:\Users\DELL\Desktop\adwcleaner_7.4.exe
2019-08-20 18:28 - 2019-08-20 18:29 - 000030075 _____ C:\Users\DELL\Downloads\Addition.txt
2019-08-20 18:26 - 2019-08-23 09:12 - 000000000 ____D C:\FRST
2019-08-20 18:26 - 2019-08-20 18:29 - 000079877 _____ C:\Users\DELL\Downloads\FRST.txt
2019-08-20 18:25 - 2019-08-23 09:10 - 001448960 _____ (Farbar) C:\Users\DELL\Desktop\FRST.exe
2019-08-20 18:25 - 2019-08-20 18:25 - 001612800 _____ (Farbar) C:\Users\DELL\Downloads\FRST64.exe
2019-08-20 18:09 - 2019-08-20 18:09 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-08-20 18:09 - 2019-08-20 18:09 - 000002148 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-08-20 18:09 - 2019-08-20 18:09 - 000000000 ____D C:\Users\DELL\AppData\Roaming\AVAST Software
2019-08-20 18:06 - 2019-08-20 18:05 - 000783016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000404312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000313840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000312200 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-08-20 18:06 - 2019-08-20 18:05 - 000225600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000219912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000176240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000174256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000171000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000140376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000100984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000072792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000056288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000040688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000034480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-08-20 18:06 - 2019-08-20 18:05 - 000014976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-08-20 18:03 - 2019-08-20 18:03 - 000000000 ____D C:\Program Files\AVAST Software
2019-08-20 18:00 - 2019-08-20 18:00 - 000230080 _____ (AVAST Software) C:\Users\DELL\Downloads\avast_free_antivirus_setup_online.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 002460160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001466880 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-18 19:33 - 2019-08-18 19:33 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000644408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x40.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000226912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-08-18 19:33 - 2019-08-18 19:33 - 000079160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000074664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-18 19:33 - 2019-08-18 19:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-18 19:33 - 2019-08-18 19:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-18 19:33 - 2019-08-18 19:33 - 000027152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-08-18 19:32 - 2019-08-18 19:32 - 020816896 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002278792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-18 19:32 - 2019-08-18 19:32 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001458784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001136640 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 001019568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 001009208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000876344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-18 19:32 - 2019-08-18 19:32 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-18 19:32 - 2019-08-18 19:32 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-18 19:32 - 2019-08-18 19:32 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-08-18 19:32 - 2019-08-18 19:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 006899512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002711864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002593544 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 002173456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 002137400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 002039336 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001468944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001358344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-18 19:31 - 2019-08-18 19:31 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 001220480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 001206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001095464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-18 19:31 - 2019-08-18 19:31 - 001044480 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 001013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000994272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000841232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000778384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000763904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000668072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000546632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000467256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000442168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000382776 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000382776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000364344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000331792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-18 19:31 - 2019-08-18 19:31 - 000305976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000278840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000228880 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000199696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2019-08-18 19:31 - 2019-08-18 19:31 - 000195384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000160784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-18 19:31 - 2019-08-18 19:31 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000138768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000106296 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-18 19:31 - 2019-08-18 19:31 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-18 19:31 - 2019-08-18 19:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 020658416 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 006544552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 004882904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 004007424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 003283968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 002472448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002443264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002402304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 002054968 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001618944 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001377280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001344368 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000603280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000551096 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000331808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000289688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000213520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000141448 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000096744 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000078136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-18 19:30 - 2019-08-18 19:30 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-18 19:30 - 2019-08-18 19:30 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-08-18 19:30 - 2019-08-18 19:30 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 004764896 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 004016128 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 003818632 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002846720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002566456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 002023936 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001321984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001085968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000800736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000794936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000755064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000721672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000671544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000520200 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000516112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-08-18 19:29 - 2019-08-18 19:29 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000341816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000284984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000149520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-08-18 19:29 - 2019-08-18 19:29 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-08-18 19:29 - 2019-08-18 19:29 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-18 19:29 - 2019-08-18 19:29 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001713976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000927264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000631824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000539448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000526864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000499000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000414760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000365880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-08-18 19:28 - 2019-08-18 19:28 - 000283664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000241168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000236856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000190264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-08-18 19:28 - 2019-08-18 19:28 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-08-18 19:28 - 2019-08-18 19:28 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-08-18 19:28 - 2019-08-18 19:28 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-18 19:28 - 2019-08-18 19:28 - 000026424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-18 19:21 - 2019-08-20 17:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-23 09:08 - 2019-04-05 08:08 - 000000000 ____D C:\Users\DELL\AppData\LocalLow\Mozilla
2019-08-22 16:02 - 2018-09-15 07:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-22 09:41 - 2019-02-16 15:03 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-22 09:41 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\INF
2019-08-22 09:36 - 2019-02-16 15:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-22 09:36 - 2019-02-15 21:41 - 000000000 __SHD C:\Users\DELL\IntelGraphicsProfiles
2019-08-22 09:36 - 2019-02-15 21:36 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-22 09:35 - 2019-02-16 09:11 - 000000000 ____D C:\Program Files\WinRAR
2019-08-22 09:35 - 2018-09-15 06:08 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-22 09:28 - 2019-02-16 14:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-21 18:34 - 2018-09-15 07:10 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-21 18:34 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-20 18:19 - 2019-02-16 09:11 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-20 18:19 - 2019-02-16 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-20 18:19 - 2019-02-16 08:24 - 000001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-20 18:18 - 2019-04-04 11:13 - 000000000 ____D C:\Program Files\Google
2019-08-20 18:06 - 2018-09-15 07:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-20 18:02 - 2019-02-16 08:31 - 000000000 ____D C:\ProgramData\AVAST Software
2019-08-20 17:56 - 2019-02-16 15:10 - 000000000 ____D C:\Users\DELL\AppData\Local\Packages
2019-08-20 17:55 - 2019-02-15 21:37 - 000606264 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-08-20 17:55 - 2019-02-15 21:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-08-20 17:54 - 2019-02-15 21:33 - 000000000 ____D C:\Program Files\Common Files\AV
2019-08-20 17:48 - 2019-04-05 08:08 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-08-20 17:45 - 2018-09-15 06:08 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-20 16:52 - 2019-04-05 08:08 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-20 16:51 - 2019-02-16 15:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-20 16:51 - 2019-02-16 15:11 - 000000000 ___RD C:\Users\DELL\3D Objects
2019-08-20 16:49 - 2019-02-16 14:56 - 000436424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-20 16:45 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-20 16:45 - 2018-09-15 06:08 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-08-20 16:44 - 2018-09-15 15:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ___RD C:\Program Files\Windows Defender
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-20 16:44 - 2018-09-15 07:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-18 19:42 - 2018-09-15 07:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-18 19:31 - 2019-02-16 05:32 - 000408644 __RSH C:\bootmgr
2019-08-18 19:13 - 2019-02-16 06:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-18 19:11 - 2019-02-15 23:20 - 131096328 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-08-2019
Ran by DELL (23-08-2019 09:14:10)
Running from C:\Users\DELL\Desktop
Microsoft Windows 10 Pro Version 1809 17763.678 (X86) (2019-02-16 13:10:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-527371810-1592208594-1481903311-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-527371810-1592208594-1481903311-503 - Limited - Disabled)
DELL (S-1-5-21-527371810-1592208594-1481903311-1000 - Administrator - Enabled) => C:\Users\DELL
Guest (S-1-5-21-527371810-1592208594-1481903311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-527371810-1592208594-1481903311-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-527371810-1592208594-1481903311-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.120 - ALPS ELECTRIC CO., LTD.)
DisplayLink Core Software (HKLM\...\{1727AE80-36D8-46E9-9837-06A72F771B5A}) (Version: 7.2.47873.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{E987ACF0-5BBB-4EF8-836C-80468AFA4AD8}) (Version: 7.2.47873.0 - DisplayLink Corp.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.215 - Dell Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 18.1.59.00 (HKLM\...\PROSetDX) (Version: 18.1.59.00 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 68.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x86 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2.7164 - Mozilla)
NVIDIA Grafický ovládač 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.03 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 7.3 - Power Software Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.21a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC_CRT_x86 (HKLM\...\{8054D734-39C7-463D-B764-9C883982B8F9}) (Version: 1.02.0000 - Intel Corporation) Hidden
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x86__rz1tebttyb220 [2019-03-27] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x86__6mqt6hf9g46tw [2019-02-16] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-16] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x86__8wekyb3d8bbwe [2019-08-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x86__8wekyb3d8bbwe [2019-08-20] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x86__nfy108tqq3p12 [2019-02-16] (Thumbmunkeys Ltd) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> no filepath
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-03-14] (NVIDIA Corporation -> )
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-02-16 15:04 - 2019-02-16 15:04 - 000068608 _____ (Broadcom Corporation) [File not signed] C:\WINDOWS\assembly\GAC_32\bcmwlrmt\6.30.223.0__6d6a20262490fcdc\bcmwlrmt.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 000052224 _____ (Broadcom Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wltrynt.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 003061248 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\bcmpeerapi.dll
2019-02-16 10:51 - 2013-07-18 10:42 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-04-14 16:51 - 2019-04-14 16:51 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2019-02-16 15:30 - 2016-12-29 14:29 - 000315400 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr.dll
2019-02-15 21:14 - 2014-01-15 03:03 - 000273920 _____ (TODO: <Company name>) [File not signed] C:\Program Files\Dell\DW WLAN Card\bcmfshapi.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-02-15 21:45 - 000000950 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 app.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Dell\DW WLAN Card;;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\UCRT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
HKLM\...\StartupApproved\Run: => "PWRISOVM.EXE"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4852BA22-E303-4FD8-9C46-C72D4BC69C90}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AB24780B-E2D8-4524-BA7B-96D9DEC620C8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{422F204D-14E3-46E2-95A0-07168A48D2DB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEF2151B-DDDE-42B1-A1E5-B190DF2A9551}] => (Allow) LPort=1688
FirewallRules: [{E32B9BF3-0C1C-4C36-8F22-129FFF3381DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4AC64AC2-4387-42C6-87A3-398378968798}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
24-07-2019 10:53:48 Windows Update
18-08-2019 19:10:26 Windows Update
==================== Faulty Device Manager Devices =============
Name: Airplane Mode Switch
Description: Airplane Mode Switch
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Dell Inc
Service: DellRbtn
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/22/2019 09:41:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/22/2019 09:41:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 06:02:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 06:02:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:56:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:56:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (08/20/2019 05:53:39 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (08/20/2019 05:40:58 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Produkt: Kaspersky Free – Aktualizáciu KIS 2019 MP0 family (Patch g) sa nepodarilo nainštalovať. Kód chyby je 1603. Ďalšie informácie sú uvedené v súbore denníka C:\WINDOWS\TEMP\MSIf0932.LOG.
System errors:
=============
Error: (08/22/2019 09:36:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/22/2019 09:36:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/22/2019 09:35:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv.dll
Error: (08/22/2019 09:35:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv.dll
Error: (08/22/2019 09:34:55 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (08/22/2019 09:34:54 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv.dll
Error: (08/22/2019 09:34:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Message Queuing sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (08/22/2019 09:34:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Windows Defender:
===================================
Date: 2019-02-16 14:24:27.004
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2019-02-16 14:23:54.415
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
Date: 2019-02-16 14:23:27.990
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_I:\Zmazat\Driver Easy Professional\Driver Easy Professional\Crack\Patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Engine Version: AM: 1.1.15100.1, NIS: 1.1.15100.1
CodeIntegrity:
===================================
Date: 2019-08-20 18:56:12.839
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.754
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.697
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.540
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.476
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:12.402
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:11.025
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-20 18:56:10.632
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A22 11/30/2018
Motherboard: Dell Inc. 07Y85M
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 66%
Total physical RAM: 3259 MB
Available physical RAM: 1078.96 MB
Total Virtual: 6587 MB
Available Virtual: 3531.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:102.21 GB) (Free:71.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: () (Fixed) (Total:195.31 GB) (Free:173.65 GB) NTFS
\\?\Volume{32723148-3150-11e9-b6e5-806e6f6e6963}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 65D7E6F6)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=102.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=481 MB) - (Type=27)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: poprosim o preventivku
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\MountPoints2: {94abd227-c359-11e9-aeaa-2cd05a86ddf4} - "G:\HiSuiteDownLoader.exe" Toolbar: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File U3 idsvc; no ImagePath CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> no filepath ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: poprosim o preventivku
Ahoj
Fix result of Farbar Recovery Scan Tool (x86) Version: 22-08-2019
Ran by DELL (24-08-2019 10:02:03) Run:1
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\MountPoints2: {94abd227-c359-11e9-aeaa-2cd05a86ddf4} - "G:\HiSuiteDownLoader.exe"
Toolbar: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File
U3 idsvc; no ImagePath
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> no filepath
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 7
Average :
Sum : 10542172
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94abd227-c359-11e9-aeaa-2cd05a86ddf4} => removed successfully.
HKLM\Software\Classes\CLSID\{94abd227-c359-11e9-aeaa-2cd05a86ddf4} => not found
"HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C500C267-63BF-451F-8797-4D720C9A2ED9}" => removed successfully.
HKLM\Software\Classes\CLSID\{C500C267-63BF-451F-8797-4D720C9A2ED9} => not found
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully.
idsvc => service removed successfully.
HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455} => removed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 126044429 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 29078056 B
Edge => 557016 B
Chrome => 0 B
Firefox => 1081091185 B
Opera => 1074332 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 31332 B
NetworkService => 3980 B
DELL => 51868091 B
RecycleBin => 2419800 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:06:00 ====
Fix result of Farbar Recovery Scan Tool (x86) Version: 22-08-2019
Ran by DELL (24-08-2019 10:02:03) Run:1
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\...\MountPoints2: {94abd227-c359-11e9-aeaa-2cd05a86ddf4} - "G:\HiSuiteDownLoader.exe"
Toolbar: HKU\S-1-5-21-527371810-1592208594-1481903311-1000 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File
U3 idsvc; no ImagePath
CustomCLSID: HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> no filepath
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 7
Average :
Sum : 10542172
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKU\S-1-5-21-527371810-1592208594-1481903311-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94abd227-c359-11e9-aeaa-2cd05a86ddf4} => removed successfully.
HKLM\Software\Classes\CLSID\{94abd227-c359-11e9-aeaa-2cd05a86ddf4} => not found
"HKU\S-1-5-21-527371810-1592208594-1481903311-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C500C267-63BF-451F-8797-4D720C9A2ED9}" => removed successfully.
HKLM\Software\Classes\CLSID\{C500C267-63BF-451F-8797-4D720C9A2ED9} => not found
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully.
idsvc => service removed successfully.
HKU\S-1-5-21-527371810-1592208594-1481903311-1000_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455} => removed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 126044429 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 29078056 B
Edge => 557016 B
Chrome => 0 B
Firefox => 1081091185 B
Opera => 1074332 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 31332 B
NetworkService => 3980 B
DELL => 51868091 B
RecycleBin => 2419800 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:06:00 ====
Re: poprosim o preventivku
Ako to vyzera s PC? Su nejake problemy.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: poprosim o preventivku
Ahoj zatiaľ skoro hodnotiť, ale predpokladám ,ze keď sa pytaš malo by to byt ok. Takže ďakujem veľmi pekne za pomoc 
Re: poprosim o preventivku
Ano, logy vyzeraju OK. Tak este upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?