VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

extreme pomale pc

https://forum.viry.cz:443/viewtopic.php?t=156867

Stránka 1 z 1

extreme pomale pc

Napsal: 18 úno 2020 23:58
od boutek
Dobry vecer. PC bylo delsi dobu nepouzivano a ted je velmi pomale/neustale zamrza. Predem dekuji!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2020
Ran by Administrator (administrator) on MICK (TOSHIBA Satellite A500) (18-02-2020 22:47:31)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Administrator & Guest (Available Profiles: Administrator & Guest)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: English (United States)
Default browser not detected!
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe
(DameWare Development, LLC. -> SolarWinds) C:\Windows\dwrcs\DWRCS.EXE
(DameWare Development, LLC. -> SolarWinds) C:\Windows\dwrcs\DWRCST.EXE
(DameWare Development, LLC. -> SolarWinds) C:\Windows\System32\DNTUS26.EXE
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(IVT Corporation) [File not signed] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(IVT Corporation) [File not signed] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-11-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-10-23] (TOSHIBA CORPORATION -> TOSHIBA Corporation.)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-08-25] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [268680 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8095776 2009-08-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [DameWare MRC Agent] => C:\Windows\dwrcs\DWRCST.exe [298944 2011-12-12] (DameWare Development, LLC. -> SolarWinds)
HKLM-x32\...\Run: [Opera Browser Assistant] => c:\program files (x86)\opera\assistant\browser_assistant.exe [2785304 2020-02-13] (Opera Software AS -> Opera Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Run: [GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Run: [Chromium] => "c:\users\administrator\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4246815794-1745546178-596238576-500\Software\Policies\...\system: [disablecmd] 0
HKU\S-1-5-21-4246815794-1745546178-596238576-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.116\Installer\chrmstp.exe [2020-02-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [File not signed]
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-05-04]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08981218-72F4-49C9-97AA-3F5E37CAEB9B} - System32\Tasks\{09B27912-9A43-4FF7-BD30-57630748A883} => C:\Users\Administrator\Desktop\Killer_Instinct_Gold.exe
Task: {0BF7B5EA-2A57-478E-ADBD-F7F2335C49DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {13C0A863-D9C4-4946-890B-FBFAF800D3B1} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {186D32FA-F97C-47FB-97F6-736F8F776B36} - System32\Tasks\{D1BBCD9B-168D-4276-A916-0F5F8245D950} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\DivX\Setup\DivXSetup.exe -c /uninstall /bundleGroupId divx.com
Task: {2644A367-9079-46C3-9738-8222C3872D40} - System32\Tasks\Opera scheduled Autoupdate 1423088991 => c:\program files (x86)\opera\launcher.exe [1532952 2020-02-05] (Opera Software AS -> Opera Software)
Task: {269E075B-8CFF-41A5-A9F0-AEF0465944DC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BAA2B32-8A08-434C-98FD-16DE1B6B13BF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {31A0B560-2F6A-4A78-90F7-8F9EC6C51153} - System32\Tasks\{5F88DBBA-CDE8-4AE1-85F9-20A0392DFCA9} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {39E14FF8-2571-476E-8F35-EACD93E134FF} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3A980C6B-EA6A-4300-A9F1-FB6DFB1FD276} - System32\Tasks\{794D2B9A-6983-4A27-B006-03C4BF798CCF} => C:\Windows\system32\pcalua.exe -a J:\setup.exe -d J:\
Task: {3C08AAAA-9F35-4538-A91E-2C8D467A97B9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3D7B0ACF-A7CA-4DBC-AF76-23CCD96420CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4246815794-1745546178-596238576-1000Core => C:\Users\pcw\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-06-26] (Google Inc -> Google Inc.)
Task: {3E723A07-ADAE-49AD-ACE4-ECCE877BFD74} - System32\Tasks\{33D6D88F-312B-4AF6-B7C2-11F80ACE0423} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {441ECD93-A07D-461C-8B33-1D6A90A39A44} - System32\Tasks\Opera scheduled assistant Autoupdate 1547238604 => c:\program files (x86)\opera\launcher.exe [1532952 2020-02-05] (Opera Software AS -> Opera Software)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4B3F8A78-73D8-41DA-9C9A-CA3F1BD70233} - System32\Tasks\{ED6CA3B1-DD85-4B52-8D35-7A4E561D8EE4} => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.)
Task: {4B695E67-D0FD-420F-ACC4-45DD4D3DBA53} - System32\Tasks\{5527599E-4D2B-4E27-BC45-DD9ECF58BB16} => C:\Users\Administrator\Desktop\Killer_Instinct_Gold.exe
Task: {4C3294AF-E1B0-4DB5-AECD-86FFD9C02BD9} - System32\Tasks\{658EBFDD-0FA9-428F-AB19-0C8C1A749E40} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrator\Desktop\verypdf-free-txt2pdf.exe -d C:\Users\Administrator\Desktop
Task: {4C4E2760-7F69-424E-B358-1555749C68A2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [1454592 2018-10-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {57C20DD6-8BB6-46DF-87CE-1095EEB1DC7B} - System32\Tasks\{6FAE5151-0CA3-4E2E-A01B-A5D9FCCAA8A6} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BC61AB0-F6FA-4ACF-B271-961217543B71} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1156496 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CA4C754-7EC0-4126-97AE-4BDED30FF830} - System32\Tasks\{5BACAC0C-665F-48C9-8C6D-BC6C6F14CBEE} => C:\Windows\system32\pcalua.exe -a "M:\Adobe Photoshop CS4 Extended Edition\Photoshop CS4 Install\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8" -c -silent
Task: {65e88037-46b5-450e-a4d9-58b52c9391ff} - no filepath
Task: {7648CD77-5E65-4D93-85AA-8ED7CDF43B69} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {79290419-8274-4E74-A432-50C67B6A1377} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-10-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7C2C3EC5-C44D-4D7D-BAD7-F1F110691DA2} - System32\Tasks\{93E542A6-D284-4FC7-8F38-4BD1224DB099} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {81178925-F872-45BA-B7DB-5FCAD8F01FC7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [3933576 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {883A4C4B-246A-4802-A430-C2F758594DE3} - System32\Tasks\{E76114B5-F5E0-4110-A9D4-4E4D1B9AC0E6} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {8D80DB69-11D5-411D-9A62-7B88C5F4BFBC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {8D832B1D-7B4C-4AD2-B6B3-9D64F1117A9F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8E769F28-6811-46DC-8860-7F357DE0E54B} - System32\Tasks\{165E0EEE-053E-430B-BE7E-3A4C136D1416} => C:\Windows\system32\pcalua.exe -a "H:\Adobe Photoshop CS4 Extended Edition\Photoshop CS4 Install\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8" -c -silent
Task: {8EFBE834-4F5B-4479-BE61-51DDDA91DCC2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {90110391-5111-4908-8357-59AB34EAC899} - System32\Tasks\{A7FE5530-718F-4B1D-91C1-3A81F217DBAB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F9B37992-968C-4264-8449-489032FC28DE}\setup.exe" -c -runfromtemp -l0x0409
Task: {93BF64C1-401B-43B9-8B4A-83AD13FEEBD3} - System32\Tasks\{4E6158EF-F90B-4F5C-9F7C-10BC4CC4F602} => C:\Windows\system32\pcalua.exe -a C:\Users\pcw\Downloads\DAEMONToolsPro4360309-0160.exe -d C:\Users\pcw\Downloads
Task: {94ADA3A1-EB95-4C94-958F-C27707F4CACB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A22860E-6C40-4886-8A4A-960ECD8FAEEA} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A0E8684E-1879-4B47-8795-9AD16D3C0DAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104 2015-07-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A2B3CBF6-0940-4969-9317-498007E43DA2} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A68EC263-3CBA-4055-BAA9-32F0105DC451} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {ACD93D0B-9F74-4ECB-AA1D-465B68C2B374} - System32\Tasks\{C51C5F60-15B8-44A6-80FE-F94C1A28E364} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.1.0.104.280/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;disabled
Task: {B047789F-947C-4886-9580-1A14DD55DA1E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B0911F13-D386-4D8E-B46D-0E0E4FD1309B} - System32\Tasks\{DA8CF6A7-882A-4087-B739-D8ADAF57AD4C} => C:\Windows\system32\pcalua.exe -a E:\QuickInstall.exe -d E:\
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B4C93BE6-062B-42EE-873F-2F36B8B7CA53} - System32\Tasks\{3B443DDB-226F-406A-8161-AAE960162048} => "c:\users\administrator\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {B8BF88B3-398C-4304-AA50-6C6D8ECFD01B} - System32\Tasks\{6FE33958-2979-4FC5-ABBC-7DCE16700255} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall HOMESTUDENTR /dll OSETUP.DLL
Task: {BBC78C39-A315-448C-B166-44C453FFC47D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4246815794-1745546178-596238576-1000UA => C:\Users\pcw\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-06-26] (Google Inc -> Google Inc.)
Task: {C0457296-52EC-4EE4-8AD5-DB20CAF0F0FF} - System32\Tasks\{27B2263C-7E6F-441A-9C1B-2954741052B7} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrator\Documents\Vuze Downloads\STALKER Call Of Pripyat-Razor1911\rzr-stcp\Redist\NetFX\dotnetfx35.exe" -d "C:\Users\Administrator\Documents\Vuze Downloads\STALKER Call Of Pripyat-Razor1911\rzr-stcp\Redist\NetFX"
Task: {C49CD8F6-6BF6-49A2-97C0-CE1815D2CD1A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D62329D7-4821-4EA9-882E-0D72058F7A1F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E187BAFE-D550-4A80-A09D-F9313BEC3DDD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EC632829-4F17-4438-996D-DB96D27DF7D2} - System32\Tasks\{777698A2-10AB-4C3D-9052-E5A7866A67DD} => C:\Windows\system32\pcalua.exe -a E:\QuickInstall.exe -d E:\
Task: {F34232F7-00D2-49E0-8A9A-236C34FC184E} - System32\Tasks\{B719C303-4747-455A-B3FE-1D627710A978} => C:\Windows\system32\pcalua.exe -a C:\Users\pcw\Desktop\milionar_lt.exe -d C:\Users\pcw\Desktop
Task: {F797E113-7D13-4DD0-9E5F-38D803ECEE8E} - \Games\UpdateCheck_S-1-5-21-4246815794-1745546178-596238576-1000 -> No File <==== ATTENTION
Task: {F7C00807-871D-4C30-ADBA-81FA9AAC2923} - System32\Tasks\{CB50C5BC-2E0C-4BF8-A0BE-9B1908A49EBC} => "c:\users\administrator\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.3.0.120.280/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;ienotdefaultbrowser2
Task: {FF09C42A-84A7-46B6-9FE3-2E16B2699364} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{1e13f6b7-24ec-49f1-935e-50c1fab14810}: [DhcpNameServer] 149.254.230.7 149.254.199.126
Tcpip\..\Interfaces\{70b8dae5-6e0b-44b4-a454-4c5f6bb1f8f2}: [DhcpNameServer] 149.254.230.7 149.254.199.126
Tcpip\..\Interfaces\{86cca158-1b13-41c4-89df-b3fdb04a5c0f}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4246815794-1745546178-596238576-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/?type=994519&fr=spigot-yhp-ie
HKU\S-1-5-21-4246815794-1745546178-596238576-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
HKU\S-1-5-21-4246815794-1745546178-596238576-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> DefaultScope {3564C724-A0FD-4463-93F0-DE4199A0BC67} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> {3564C724-A0FD-4463-93F0-DE4199A0BC67} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> {9C074B02-71C0-4C0D-9BF5-71C08652C882} URL = hxxp://rover.ebay.com/rover/1/710-44557-9400-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> {C645BB76-AFFA-4F84-8214-AFA910CC0D6F} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-501 -> {472B7FD0-3BFB-4251-B282-5BA57A6BE2FB} URL = hxxp://rover.ebay.com/rover/1/710-44557-9400-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-501 -> {B5633EF7-5715-4B53-9F67-88CB000439E2} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Administrator\AppData\Roaming\BrowserExtensions\Coupons64.dll [2017-01-05] (Cloud Software -> ) [File not signed]
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Administrator\AppData\Roaming\BrowserExtensions\Coupons.dll [2017-01-05] (Cloud Software -> ) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-11-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4246815794-1745546178-596238576-500: torrents-time.com/TTPlugin -> C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2020-02-18]
CHR Notifications: Default -> hxxps://0.geostream.pro; hxxps://1.streampoint.live; hxxps://1.streamview.club; hxxps://crypto-news-channel.com; hxxps://geostream.online; hxxps://mail.protonmail.com; hxxps://news.vice.com; hxxps://shotly.io; hxxps://www.youtube.com; hxxps://www1.debrahinton.pro; hxxps://www1.ramirocampos.pro
CHR HomePage: Default -> hxxp://google.co.uk/
CHR StartupUrls: Default -> "search.mpc.am","hxxps://uk.search.yahoo.com/?type=994519&fr=yo-yhp-ch"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Alarm Clock) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blagpbigenehgpkodglijaaegbfgfjmi [2017-02-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-23]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-18]
CHR Extension: (Alarm Clock Radio) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2017-02-05]
CHR Extension: (Magic Enhancer For YouTube™) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2020-02-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-12]
CHR Extension: (Online Music Alarm Clock) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pblohfmipkhnjcgpoamnmjelcajhpcjg [2019-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-08]
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-08]
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-07-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [996880 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe [57504 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1466476 2009-09-02] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2009-09-02] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DNTUS26; C:\Windows\SYSTEM32\DNTUS26.EXE [120768 2011-12-12] (DameWare Development, LLC. -> SolarWinds)
R2 dwmrcs; C:\Windows\dwrcs\DWRCS.EXE [701376 2011-12-12] (DameWare Development, LLC. -> SolarWinds)
S4 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S4 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 DwMirror; C:\WINDOWS\System32\drivers\DamewareMini.sys [5632 2008-03-14] (Microsoft Windows Hardware Compatibility Publisher -> DameWare Development, LLC)
R1 dwvkbd; C:\WINDOWS\system32\DRIVERS\dwvkbd64.sys [30720 2008-03-13] (Microsoft Windows Hardware Compatibility Publisher -> DameWare)
R3 RTL8167; C:\WINDOWS\system32\DRIVERS\Rt64win7.sys [291328 2009-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
R3 rtl8192se; C:\WINDOWS\System32\drivers\rtl8192se.sys [1222656 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-09-25] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-18 22:47 - 2020-02-18 22:51 - 000039701 _____ C:\Users\Administrator\Downloads\FRST.txt
2020-02-18 22:45 - 2020-02-18 22:45 - 002279424 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2020-02-18 20:46 - 2020-02-03 20:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-18 20:46 - 2020-02-03 20:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-18 20:37 - 2020-02-18 20:37 - 000000000 ____D C:\ProgramData\ssh
2020-02-14 23:33 - 2020-02-14 23:40 - 000020920 _____ C:\Users\Administrator\Desktop\burian
2020-02-14 20:47 - 2020-02-14 20:47 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-14 20:47 - 2020-02-14 20:47 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-14 20:47 - 2020-02-14 20:47 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-14 20:46 - 2020-02-14 20:46 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 019813376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-14 20:46 - 2020-02-14 20:46 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-14 20:46 - 2020-02-14 20:46 - 002493720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 002314952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001489064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 018026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 006284800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 005912064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 003484672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-02-14 20:45 - 2020-02-14 20:45 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-14 20:45 - 2020-02-14 20:45 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-14 20:45 - 2020-02-14 20:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-14 20:45 - 2020-02-14 20:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-14 20:45 - 2020-02-14 20:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 004856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 004575232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 004348616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-02-14 20:44 - 2020-02-14 20:44 - 002225160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 002032128 _____ C:\WINDOWS\system32\rdpnano.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001218120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-14 20:44 - 2020-02-14 20:44 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-14 20:44 - 2020-02-14 20:44 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-02-14 20:44 - 2020-02-14 20:44 - 000042512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-02-14 20:44 - 2020-02-14 20:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 006519752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-14 20:43 - 2020-02-14 20:43 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002260176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001693184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 001283592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-14 20:43 - 2020-02-14 20:43 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-02-14 20:43 - 2020-02-14 20:43 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-02-14 20:43 - 2020-02-14 20:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-14 20:42 - 2020-02-14 20:43 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 009929016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 004562896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 003967888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 003792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 003372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002988552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002773776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002766088 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002084576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001858560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001664680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000928120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000875448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-14 20:42 - 2020-02-14 20:42 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-02-14 20:42 - 2020-02-14 20:42 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000106808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 007905208 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 006167552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 003550208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-14 20:41 - 2020-02-14 20:41 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-14 20:41 - 2020-02-14 20:41 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000459896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 004615376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000128528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-02-14 01:10 - 2020-01-16 05:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-02-14 01:10 - 2020-01-16 04:23 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-02-06 01:06 - 2020-02-06 01:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 19:49 - 2020-02-04 19:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache
2020-02-04 13:20 - 2020-02-04 13:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-02-04 13:20 - 2020-02-04 13:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-02-04 13:20 - 2020-02-04 13:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-02-04 13:20 - 2020-02-04 13:20 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-01-24 22:52 - 2020-02-13 20:18 - 000004172 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1547238604
2020-01-19 22:04 - 2020-01-19 22:04 - 000001243 _____ C:\Users\Administrator\Desktop\iSunshare Windows Password Genius Standard Trial.lnk
2020-01-19 22:04 - 2020-01-19 22:04 - 000000000 ____D C:\Users\Administrator\Desktop\iSunshare Windows Password Genius Standard Trial
2020-01-19 22:04 - 2020-01-19 22:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iSunshare Windows Password Genius Standard Trial
2020-01-19 22:02 - 2011-06-09 20:17 - 004386176 _____ (Microsoft Corporation) C:\Users\Administrator\Desktop\WinXP_EN_HOM_BF.EXE

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-18 22:49 - 2016-04-22 19:50 - 000000000 ____D C:\FRST
2020-02-18 22:44 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-18 22:38 - 2014-09-20 20:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-18 22:34 - 2019-08-11 20:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-18 20:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-18 20:52 - 2015-09-30 18:26 - 000000000 ___RD C:\Users\Administrator\3D Objects
2020-02-18 20:52 - 2015-09-10 05:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-18 20:51 - 2019-08-12 03:24 - 000751234 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-18 20:51 - 2019-08-12 03:24 - 000164518 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-18 20:51 - 2019-08-11 20:29 - 001781194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-18 20:51 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-18 20:44 - 2019-08-11 20:18 - 005123992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-18 20:44 - 2014-09-13 17:52 - 000005063 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2020-02-18 20:43 - 2009-09-07 14:42 - 000000943 _____ C:\WINDOWS\SysWOW64\bscs.ini
2020-02-18 20:42 - 2019-08-11 21:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-18 20:41 - 2019-03-19 04:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-18 20:37 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\servicing
2020-02-18 19:59 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-02-18 16:24 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-18 15:49 - 2019-08-11 21:00 - 000004158 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4346DC72-8560-4679-852D-4DFC6F90FB49}
2020-02-16 23:28 - 2019-08-11 21:00 - 000004266 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-02-16 00:42 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-15 21:04 - 2019-10-25 17:58 - 000002429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-15 21:04 - 2015-09-25 22:06 - 000000000 ___RD C:\Users\Administrator\OneDrive
2020-02-15 17:13 - 2014-06-21 13:36 - 000000000 ___RD C:\Users\Administrator\Dropbox
2020-02-14 23:39 - 2010-07-28 11:43 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-02-14 21:36 - 2015-08-25 22:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-14 21:29 - 2010-07-05 11:15 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-14 20:57 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-13 05:57 - 2018-07-18 20:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2020-02-08 18:07 - 2011-02-09 22:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Azureus
2020-02-08 17:16 - 2014-08-16 16:22 - 000000000 ____D C:\Program Files (x86)\Opera
2020-02-07 19:08 - 2019-08-11 21:00 - 000003948 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1423088991
2020-02-07 19:08 - 2018-03-09 19:57 - 000001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2020-02-06 03:06 - 2019-08-11 20:32 - 000000000 ____D C:\Users\Administrator
2020-02-06 01:07 - 2018-12-30 19:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-04 21:54 - 2011-04-10 20:03 - 000000000 ____D C:\Users\Administrator\Documents\Vuze Downloads
2020-02-04 21:53 - 2019-08-11 21:00 - 000003624 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-02-04 21:53 - 2019-08-11 21:00 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-04 21:53 - 2019-08-11 21:00 - 000003278 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-02-04 21:53 - 2019-08-11 21:00 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-04 21:53 - 2019-08-11 21:00 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-02-04 21:53 - 2019-08-11 21:00 - 000002978 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-02-04 21:53 - 2019-08-11 21:00 - 000002474 _____ C:\WINDOWS\system32\Tasks\{CB50C5BC-2E0C-4BF8-A0BE-9B1908A49EBC}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002420 _____ C:\WINDOWS\system32\Tasks\{6FE33958-2979-4FC5-ABBC-7DCE16700255}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002410 _____ C:\WINDOWS\system32\Tasks\{C51C5F60-15B8-44A6-80FE-F94C1A28E364}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002342 _____ C:\WINDOWS\system32\Tasks\{3B443DDB-226F-406A-8161-AAE960162048}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002216 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-02-04 21:53 - 2019-08-11 21:00 - 000002024 _____ C:\WINDOWS\system32\Tasks\{5F88DBBA-CDE8-4AE1-85F9-20A0392DFCA9}
2020-02-04 21:53 - 2019-08-11 21:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-02-04 21:53 - 2013-09-08 17:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2020-02-04 19:49 - 2019-11-09 03:14 - 000001248 _____ C:\Users\Administrator\Desktop\Dropbox.lnk
2020-02-02 16:36 - 2012-06-25 17:28 - 000000000 ____D C:\Users\Niki
2020-02-01 18:29 - 2012-12-14 00:49 - 000000000 ____D C:\Users\Administrator\Desktop\nikol Photo
2020-01-31 23:05 - 2018-12-30 19:21 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-01-31 23:05 - 2018-12-30 19:21 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-01-31 23:04 - 2019-08-11 20:32 - 000000000 ____D C:\Users\Guest
2020-01-28 21:20 - 2019-08-11 21:00 - 000003994 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-01-28 21:20 - 2019-08-11 21:00 - 000003762 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-01-28 12:02 - 2010-07-17 08:53 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-01-27 23:58 - 2014-11-20 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-27 23:57 - 2014-11-20 20:08 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-27 23:57 - 2009-12-07 09:38 - 000000000 ____D C:\Program Files (x86)\Java
2020-01-27 22:41 - 2014-07-14 18:46 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-27 22:41 - 2010-07-17 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-27 19:53 - 2017-08-30 19:41 - 000001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-27 19:53 - 2017-08-30 19:41 - 000001146 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-27 19:51 - 2015-01-27 20:24 - 000000000 ____D C:\Users\Administrator\Desktop\misc
2020-01-24 22:51 - 2014-08-16 21:43 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories ========

2015-02-06 16:04 - 2015-02-06 16:04 - 000000132 _____ () C:\Users\Administrator\AppData\Roaming\Adobe BMP Format CS6 Prefs
2016-02-28 23:17 - 2016-02-29 01:13 - 000127488 _____ () C:\Users\Administrator\AppData\Roaming\Installer.dat
2017-06-15 20:51 - 2017-06-15 20:51 - 000000000 _____ () C:\Users\Administrator\AppData\Roaming\wklnhst.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Ran by Administrator (18-02-2020 22:52:31)
Running from C:\Users\Administrator\Downloads
Windows 10 Home Version 1903 18362.657 (X64) (2019-08-11 21:01:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4246815794-1745546178-596238576-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-4246815794-1745546178-596238576-503 - Limited - Disabled)
Guest (S-1-5-21-4246815794-1745546178-596238576-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-4246815794-1745546178-596238576-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4246815794-1745546178-596238576-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Bluesoleil 5.4.277.0 (HKLM\...\{FBBAB883-0BEE-4744-8062-281B213ADC1E}) (Version: 5.4.277.0 - IVT Corporation)
Browser Extensions (HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.9.5.3 - Spigot, Inc.) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CCS64 V3.9.1 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coolmuster Android SMS + Contacts Recovery (HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Coolmuster Android SMS + Contacts Recovery) (Version: 3.0.35 - Coolmuster)
DameWare Development Mirror Driver 64 Uninstall (HKLM\...\DamewareMirror) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.116 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HDMI Control Manager (HKLM\...\{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION) Hidden
HDMI Control Manager (HKLM-x32\...\{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION) Hidden
HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iSunshare Windows Password Genius Standard Trial 6.1.3 (HKLM-x32\...\iSunshare Windows Password Genius Standard Trial) (Version: 6.1.3 - iSunshare)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.5207.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Opera Stable 66.0.3515.72 (HKLM-x32\...\Opera 66.0.3515.72) (Version: 66.0.3515.72 - Opera Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Readon TV Movie Radio Player 7.6.0.0 (HKLM-x32\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5928 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.07-A - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.3 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.4 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.6.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA USB Sleep and Charge Utility (HKLM-x32\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.2.0 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
TRORMCLauncher (HKLM\...\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.9 - TOSHIBA) Hidden
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.50.27C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.4.0 - Azureus Software, Inc.)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wolfenstein (HKLM-x32\...\{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.0 - Activision) Hidden

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-07-05] (Ennova Research)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-05] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4246815794-1745546178-596238576-500_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Administrator\Dropbox [2014-06-21 13:36]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DMRC Shell Extension V2] -> {358B5852-38EB-4549-9D8A-B90C9DCAD0DB} => C:\Windows\dwrcs\DWRCSh.DLL [2011-12-12] (DameWare Development, LLC. -> SolarWinds)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DMRC Shell Extension V2] -> {358B5852-38EB-4549-9D8A-B90C9DCAD0DB} => C:\Windows\dwrcs\DWRCSh.DLL [2011-12-12] (DameWare Development, LLC. -> SolarWinds)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --remote-debugging-port=9223

==================== Loaded Modules (Whitelisted) =============

2009-09-02 08:43 - 2009-09-02 08:43 - 000114808 _____ () [File not signed] C:\Program Files (x86)\IVT Corporation\BlueSoleil\setup.dll
2009-09-02 08:46 - 2009-09-02 08:46 - 000009728 _____ () [File not signed] C:\Windows\System32\BsHelpCSps.dll
2008-03-07 12:54 - 2008-03-07 12:54 - 017892352 _____ () [File not signed] C:\Windows\system32\BsLangInDepRes.dll
2009-09-02 08:46 - 2009-09-02 08:46 - 000022016 _____ () [File not signed] C:\WINDOWS\System32\BsTrace.dll
2009-09-02 08:46 - 2009-09-02 08:46 - 000084480 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\Bs2Res.dll
2009-09-02 08:48 - 2009-09-02 08:48 - 000174080 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsCommon.dll
2009-09-02 08:47 - 2009-09-02 08:47 - 000403456 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsMobileSDK.dll
2009-09-02 08:49 - 2009-09-02 08:49 - 000024576 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsMonSvr.DLL
2009-09-02 08:47 - 2009-09-02 08:47 - 000327680 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsSDK.dll
2009-09-02 08:49 - 2009-09-02 08:49 - 000754688 _____ (IVT Corporation) [File not signed] C:\Windows\system32\BsShell.dll
2009-07-13 14:36 - 2009-07-13 14:36 - 000260608 _____ (TOSHIBA Corporation.) [File not signed] C:\Program Files\Common Files\Toshiba Shared\HDMICEC.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Administrator\Desktop\Dark-S01E01(0000294547).srt:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-05-04 16:53 - 2019-01-04 11:14 - 000001033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

2011-12-18 20:03 - 2011-12-18 20:03 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4246815794-1745546178-596238576-500\Control Panel\Desktop\\Wallpaper -> c:\users\administrator\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{40599548-464c-4945-aa92-678953676e4c}.jpg
HKU\S-1-5-21-4246815794-1745546178-596238576-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\System32\oobe\info\wallpapers\grey\standard wallpaper_red chevrons3.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BecHelperService => 2
MSCONFIG\Services: cfWiMAXService => 2
MSCONFIG\Services: ConfigFree Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: TemproMonitoringService => 2
MSCONFIG\Services: Thpsrv => 2
MSCONFIG\Services: TMachInfo => 3
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TosCoSrv => 2
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3
MSCONFIG\Services: TPCHSrv => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKLM\...\StartupApproved\Run: => "Toshiba Registration"
HKLM\...\StartupApproved\Run32: => "BtTray"
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\StartupApproved\Run: => "Remote Mouse"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AC1418F5-32B8-4181-9D66-68153F490AFF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{41BFFFD7-5BFA-492D-BABD-BE6ECD7A493C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5DD138EB-F1E6-47BF-B975-495E60A9D43D}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{F00D0175-F701-40E4-B472-2EBD3DE94338}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{C87D982E-2DCF-4176-BD52-7685F80AD7E1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A297315D-B247-46E2-B2C2-6F3963BCF3C6}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [File not signed]
FirewallRules: [{1BF48D9F-DF5E-4387-A2CD-CB80874D0527}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [File not signed]
FirewallRules: [{979106D8-5B94-4C84-B362-3239DAC28BEF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{156A9C93-1C7C-4546-9700-A73955BE54BE}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{891F6A02-CC56-4F89-AED6-B96FB41271BB}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{AF793068-D948-4F96-92F2-78D3C9DA20FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23011A93-2744-4DAC-82CB-D921D9607590}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA990127-17ED-4E15-94A8-D5DC6A5F72A1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D119C592-22A6-44C6-87C6-A917845F477E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C48F6A2-1FAA-475F-A5D9-4D99B5D1543A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8ABC1D4-2BEC-49E2-8A32-370107136DEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4BBF11B4-9A39-4577-8E20-3AB6B5A0E665}] => (Allow) C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [{6571338B-DAA3-4C10-B6EE-69661B3EF215}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F9BE7B5-CAC3-40B3-9D4B-5E95325C129D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29041523-B740-44A7-A378-839ACC9FBB72}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{692FAE7E-C22F-4D8E-A8E8-41D3C7AD9D0E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4C48C1F-E91F-4160-B162-DBF3E81E6109}] => (Allow) C:\Windows\dwrcs\DWRCS.EXE (DameWare Development, LLC. -> SolarWinds)
FirewallRules: [{A625C9E7-9698-4A33-A9C1-E34C479CBADA}] => (Allow) c:\program files (x86)\opera\66.0.3515.44\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BDC9679F-B430-4492-B2B1-AA525629F926}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{95308B96-6D29-4F4C-B58E-DA4B62EA2DEF}] => (Allow) c:\program files (x86)\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{54078EC1-76F9-4544-BB0B-2FC67EBAA57C}] => (Allow) C:\Windows\dwrcs\DWRCS.EXE (DameWare Development, LLC. -> SolarWinds)
FirewallRules: [{40EF7105-FCF1-44D7-A305-E33247F626E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-02-2020 04:54:45 Scheduled Checkpoint
13-02-2020 01:18:01 Scheduled Checkpoint
16-02-2020 19:09:41 Windows Update

==================== Faulty Device Manager Devices ============

Name: Microsoft Kernel Debug Network Adapter #2
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/18/2020 10:43:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5652,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 10:36:55 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\inetsrv\w3ctrs.dll" (Win32 error code 126).

Error: (02/18/2020 10:20:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1288,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 10:12:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2676,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 09:48:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4980,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 09:16:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9736,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 09:06:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6176,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 08:51:49 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe, PID: 3052, ProfSvc PID: 1588.


System errors:
=============
Error: (02/18/2020 10:35:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Adobe Flash Player Update Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/18/2020 10:35:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect.

Error: (02/18/2020 10:19:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (02/18/2020 10:19:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/18/2020 10:19:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (02/18/2020 09:39:58 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/18/2020 08:40:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Connected User Experiences and Telemetry service did not shut down properly after receiving a preshutdown control.

Error: (02/18/2020 08:40:04 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}


CodeIntegrity:
===================================

Date: 2020-02-18 22:45:50.741
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:45:50.733
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:45:47.243
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:45:46.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:45:46.965
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:45:46.958
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:45:46.939
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:45:46.919
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: TOSHIBA 1.60 03/02/10
Motherboard: TOSHIBA NSKAA
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 81%
Total physical RAM: 3957.59 MB
Available physical RAM: 730.69 MB
Total Virtual: 7925.59 MB
Available Virtual: 4369.15 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:78.2 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:163.72 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{6962e0d4-3655-11df-8dd5-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 22F49805)
Partition 1: (Not Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=232.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: extreme pomale pc

Napsal: 19 úno 2020 07:07
od JaRon
ahoj,
je tam zopar drobnosti, zacneme zlahka :)
1. vycisti PC s CCleanerom, vcetne registrov
2. vycisti PC s ADWCleanerom - log sem
3. pozri aka je velkost adresara plocha :???: nemala by presahovat 1GB

Re: extreme pomale pc

Napsal: 19 úno 2020 17:32
od boutek
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-02-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-19-2020
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 28
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Administrator\AppData\Roaming\BrowserExtensions
Deleted C:\Users\Administrator\AppData\Roaming\MCorp

***** [ Files ] *****

Deleted C:\Users\Administrator\AppData\Roaming\Installer.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AppDataLow\Software\Browser Extensions
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3564C724-A0FD-4463-93F0-DE4199A0BC67}
Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Deleted HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted HKLM\Software\DtsEncodeTools
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111271147}
Deleted HKLM\Software\Wow6432Node\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90E4CD0C-426F-4207-805B-7885AB32D43F}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE9BEC8-4723-4347-AFC6-25EE3326BA5B}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKU\.DEFAULT\SOFTWARE\5948c88b16fec13
Deleted HKU\S-1-5-18\SOFTWARE\5948c88b16fec13

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted search.mpc.am
Deleted search.mpc.am

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8164 octets] - [19/02/2020 16:22:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: extreme pomale pc

Napsal: 19 úno 2020 18:49
od JaRon
Plocha je OK?
Ako sa sprava PC ? ak je stale pomale vloz aktualne logy FRST

Re: extreme pomale pc

Napsal: 19 úno 2020 19:28
od boutek
Co myslite tim, zda "je plocha v poradku"? Jinak stale dost pomale. Chrom se mi ted otviral aspon 30 vterin a spolu s nim se vzdy dvakrat oevre settings okno, ktere musim dvakrat zavrit.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2020
Ran by Administrator (administrator) on MICK (TOSHIBA Satellite A500) (19-02-2020 18:15:09)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator & Guest)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: English (United States)
Default browser not detected!
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe
(DameWare Development, LLC. -> SolarWinds) C:\Windows\dwrcs\DWRCS.EXE
(DameWare Development, LLC. -> SolarWinds) C:\Windows\dwrcs\DWRCST.EXE
(DameWare Development, LLC. -> SolarWinds) C:\Windows\System32\DNTUS26.EXE
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(IVT Corporation) [File not signed] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(IVT Corporation) [File not signed] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\assistant\browser_assistant.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-11-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-10-23] (TOSHIBA CORPORATION -> TOSHIBA Corporation.)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-08-25] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [268680 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8095776 2009-08-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [DameWare MRC Agent] => C:\Windows\dwrcs\DWRCST.exe [298944 2011-12-12] (DameWare Development, LLC. -> SolarWinds)
HKLM-x32\...\Run: [Opera Browser Assistant] => c:\program files (x86)\opera\assistant\browser_assistant.exe [2785304 2020-02-19] (Opera Software AS -> Opera Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Run: [GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Run: [Chromium] => "c:\users\administrator\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4246815794-1745546178-596238576-500\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.116\Installer\chrmstp.exe [2020-02-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [File not signed]
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-05-04]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-07]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08981218-72F4-49C9-97AA-3F5E37CAEB9B} - System32\Tasks\{09B27912-9A43-4FF7-BD30-57630748A883} => C:\Users\Administrator\Desktop\Killer_Instinct_Gold.exe
Task: {0BF7B5EA-2A57-478E-ADBD-F7F2335C49DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {13C0A863-D9C4-4946-890B-FBFAF800D3B1} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {186D32FA-F97C-47FB-97F6-736F8F776B36} - System32\Tasks\{D1BBCD9B-168D-4276-A916-0F5F8245D950} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\DivX\Setup\DivXSetup.exe -c /uninstall /bundleGroupId divx.com
Task: {2644A367-9079-46C3-9738-8222C3872D40} - System32\Tasks\Opera scheduled Autoupdate 1423088991 => c:\program files (x86)\opera\launcher.exe [1532952 2020-02-05] (Opera Software AS -> Opera Software)
Task: {269E075B-8CFF-41A5-A9F0-AEF0465944DC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BAA2B32-8A08-434C-98FD-16DE1B6B13BF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {31A0B560-2F6A-4A78-90F7-8F9EC6C51153} - System32\Tasks\{5F88DBBA-CDE8-4AE1-85F9-20A0392DFCA9} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {39E14FF8-2571-476E-8F35-EACD93E134FF} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3A980C6B-EA6A-4300-A9F1-FB6DFB1FD276} - System32\Tasks\{794D2B9A-6983-4A27-B006-03C4BF798CCF} => C:\Windows\system32\pcalua.exe -a J:\setup.exe -d J:\
Task: {3C08AAAA-9F35-4538-A91E-2C8D467A97B9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3D7B0ACF-A7CA-4DBC-AF76-23CCD96420CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4246815794-1745546178-596238576-1000Core => C:\Users\pcw\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-06-26] (Google Inc -> Google Inc.)
Task: {3E723A07-ADAE-49AD-ACE4-ECCE877BFD74} - System32\Tasks\{33D6D88F-312B-4AF6-B7C2-11F80ACE0423} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4B3F8A78-73D8-41DA-9C9A-CA3F1BD70233} - System32\Tasks\{ED6CA3B1-DD85-4B52-8D35-7A4E561D8EE4} => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.)
Task: {4B695E67-D0FD-420F-ACC4-45DD4D3DBA53} - System32\Tasks\{5527599E-4D2B-4E27-BC45-DD9ECF58BB16} => C:\Users\Administrator\Desktop\Killer_Instinct_Gold.exe
Task: {4C3294AF-E1B0-4DB5-AECD-86FFD9C02BD9} - System32\Tasks\{658EBFDD-0FA9-428F-AB19-0C8C1A749E40} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrator\Desktop\verypdf-free-txt2pdf.exe -d C:\Users\Administrator\Desktop
Task: {4C4E2760-7F69-424E-B358-1555749C68A2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [1454592 2018-10-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {50C4B90B-1D37-4BA5-BE08-A4940913BC43} - System32\Tasks\Opera scheduled assistant Autoupdate 1547238604 => c:\program files (x86)\opera\launcher.exe [1532952 2020-02-05] (Opera Software AS -> Opera Software)
Task: {57C20DD6-8BB6-46DF-87CE-1095EEB1DC7B} - System32\Tasks\{6FAE5151-0CA3-4E2E-A01B-A5D9FCCAA8A6} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BC61AB0-F6FA-4ACF-B271-961217543B71} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1156496 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CA4C754-7EC0-4126-97AE-4BDED30FF830} - System32\Tasks\{5BACAC0C-665F-48C9-8C6D-BC6C6F14CBEE} => C:\Windows\system32\pcalua.exe -a "M:\Adobe Photoshop CS4 Extended Edition\Photoshop CS4 Install\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8" -c -silent
Task: {65e88037-46b5-450e-a4d9-58b52c9391ff} - no filepath
Task: {7648CD77-5E65-4D93-85AA-8ED7CDF43B69} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {79290419-8274-4E74-A432-50C67B6A1377} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-10-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7C2C3EC5-C44D-4D7D-BAD7-F1F110691DA2} - System32\Tasks\{93E542A6-D284-4FC7-8F38-4BD1224DB099} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {81178925-F872-45BA-B7DB-5FCAD8F01FC7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [3933576 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {883A4C4B-246A-4802-A430-C2F758594DE3} - System32\Tasks\{E76114B5-F5E0-4110-A9D4-4E4D1B9AC0E6} => C:\Users\pcw\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {8D80DB69-11D5-411D-9A62-7B88C5F4BFBC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {8D832B1D-7B4C-4AD2-B6B3-9D64F1117A9F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8E769F28-6811-46DC-8860-7F357DE0E54B} - System32\Tasks\{165E0EEE-053E-430B-BE7E-3A4C136D1416} => C:\Windows\system32\pcalua.exe -a "H:\Adobe Photoshop CS4 Extended Edition\Photoshop CS4 Install\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8" -c -silent
Task: {8EFBE834-4F5B-4479-BE61-51DDDA91DCC2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1835112 2020-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {90110391-5111-4908-8357-59AB34EAC899} - System32\Tasks\{A7FE5530-718F-4B1D-91C1-3A81F217DBAB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F9B37992-968C-4264-8449-489032FC28DE}\setup.exe" -c -runfromtemp -l0x0409
Task: {93BF64C1-401B-43B9-8B4A-83AD13FEEBD3} - System32\Tasks\{4E6158EF-F90B-4F5C-9F7C-10BC4CC4F602} => C:\Windows\system32\pcalua.exe -a C:\Users\pcw\Downloads\DAEMONToolsPro4360309-0160.exe -d C:\Users\pcw\Downloads
Task: {94ADA3A1-EB95-4C94-958F-C27707F4CACB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A22860E-6C40-4886-8A4A-960ECD8FAEEA} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A0E8684E-1879-4B47-8795-9AD16D3C0DAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104 2015-07-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A2B3CBF6-0940-4969-9317-498007E43DA2} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A68EC263-3CBA-4055-BAA9-32F0105DC451} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {ACD93D0B-9F74-4ECB-AA1D-465B68C2B374} - System32\Tasks\{C51C5F60-15B8-44A6-80FE-F94C1A28E364} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.1.0.104.280/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;disabled
Task: {B047789F-947C-4886-9580-1A14DD55DA1E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B0911F13-D386-4D8E-B46D-0E0E4FD1309B} - System32\Tasks\{DA8CF6A7-882A-4087-B739-D8ADAF57AD4C} => C:\Windows\system32\pcalua.exe -a E:\QuickInstall.exe -d E:\
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B4C93BE6-062B-42EE-873F-2F36B8B7CA53} - System32\Tasks\{3B443DDB-226F-406A-8161-AAE960162048} => "c:\users\administrator\appdata\local\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {B8BF88B3-398C-4304-AA50-6C6D8ECFD01B} - System32\Tasks\{6FE33958-2979-4FC5-ABBC-7DCE16700255} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall HOMESTUDENTR /dll OSETUP.DLL
Task: {BBC78C39-A315-448C-B166-44C453FFC47D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4246815794-1745546178-596238576-1000UA => C:\Users\pcw\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-06-26] (Google Inc -> Google Inc.)
Task: {C0457296-52EC-4EE4-8AD5-DB20CAF0F0FF} - System32\Tasks\{27B2263C-7E6F-441A-9C1B-2954741052B7} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrator\Documents\Vuze Downloads\STALKER Call Of Pripyat-Razor1911\rzr-stcp\Redist\NetFX\dotnetfx35.exe" -d "C:\Users\Administrator\Documents\Vuze Downloads\STALKER Call Of Pripyat-Razor1911\rzr-stcp\Redist\NetFX"
Task: {C49CD8F6-6BF6-49A2-97C0-CE1815D2CD1A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D62329D7-4821-4EA9-882E-0D72058F7A1F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E187BAFE-D550-4A80-A09D-F9313BEC3DDD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EC632829-4F17-4438-996D-DB96D27DF7D2} - System32\Tasks\{777698A2-10AB-4C3D-9052-E5A7866A67DD} => C:\Windows\system32\pcalua.exe -a E:\QuickInstall.exe -d E:\
Task: {F34232F7-00D2-49E0-8A9A-236C34FC184E} - System32\Tasks\{B719C303-4747-455A-B3FE-1D627710A978} => C:\Windows\system32\pcalua.exe -a C:\Users\pcw\Desktop\milionar_lt.exe -d C:\Users\pcw\Desktop
Task: {F797E113-7D13-4DD0-9E5F-38D803ECEE8E} - \Games\UpdateCheck_S-1-5-21-4246815794-1745546178-596238576-1000 -> No File <==== ATTENTION
Task: {F7C00807-871D-4C30-ADBA-81FA9AAC2923} - System32\Tasks\{CB50C5BC-2E0C-4BF8-A0BE-9B1908A49EBC} => "c:\users\administrator\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.3.0.120.280/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;ienotdefaultbrowser2
Task: {FF09C42A-84A7-46B6-9FE3-2E16B2699364} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{1e13f6b7-24ec-49f1-935e-50c1fab14810}: [DhcpNameServer] 149.254.230.7 149.254.199.126
Tcpip\..\Interfaces\{70b8dae5-6e0b-44b4-a454-4c5f6bb1f8f2}: [DhcpNameServer] 149.254.230.7 149.254.199.126
Tcpip\..\Interfaces\{86cca158-1b13-41c4-89df-b3fdb04a5c0f}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> DefaultScope {3564C724-A0FD-4463-93F0-DE4199A0BC67} URL =
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> {9C074B02-71C0-4C0D-9BF5-71C08652C882} URL = hxxp://rover.ebay.com/rover/1/710-44557-9400-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-4246815794-1745546178-596238576-500 -> {C645BB76-AFFA-4F84-8214-AFA910CC0D6F} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Administrator\AppData\Roaming\BrowserExtensions\Coupons64.dll => No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Administrator\AppData\Roaming\BrowserExtensions\Coupons.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-11-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4246815794-1745546178-596238576-500: torrents-time.com/TTPlugin -> C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2020-02-19]
CHR Notifications: Default -> hxxps://0.geostream.pro; hxxps://1.streampoint.live; hxxps://1.streamview.club; hxxps://crypto-news-channel.com; hxxps://geostream.online; hxxps://mail.protonmail.com; hxxps://news.vice.com; hxxps://shotly.io; hxxps://www.youtube.com; hxxps://www1.debrahinton.pro; hxxps://www1.ramirocampos.pro
CHR HomePage: Default -> hxxp://google.co.uk/
CHR StartupUrls: Default -> "search.mpc.am","hxxps://uk.search.yahoo.com/?type=994519&fr=yo-yhp-ch","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Alarm Clock) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blagpbigenehgpkodglijaaegbfgfjmi [2017-02-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-02-19]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-23]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-18]
CHR Extension: (Alarm Clock Radio) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2017-02-05]
CHR Extension: (Magic Enhancer For YouTube™) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2020-02-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-12]
CHR Extension: (Online Music Alarm Clock) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pblohfmipkhnjcgpoamnmjelcajhpcjg [2019-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-08]
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-19]
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-07-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [996880 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe [57504 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1466476 2009-09-02] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2009-09-02] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DNTUS26; C:\Windows\SYSTEM32\DNTUS26.EXE [120768 2011-12-12] (DameWare Development, LLC. -> SolarWinds)
R2 dwmrcs; C:\Windows\dwrcs\DWRCS.EXE [701376 2011-12-12] (DameWare Development, LLC. -> SolarWinds)
S4 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S4 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 DwMirror; C:\WINDOWS\System32\drivers\DamewareMini.sys [5632 2008-03-14] (Microsoft Windows Hardware Compatibility Publisher -> DameWare Development, LLC)
R1 dwvkbd; C:\WINDOWS\system32\DRIVERS\dwvkbd64.sys [30720 2008-03-13] (Microsoft Windows Hardware Compatibility Publisher -> DameWare)
R3 RTL8167; C:\WINDOWS\system32\DRIVERS\Rt64win7.sys [291328 2009-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
R3 rtl8192se; C:\WINDOWS\System32\drivers\rtl8192se.sys [1222656 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-09-25] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-18 23:12 - 2020-02-18 23:12 - 008356016 _____ (Malwarebytes) C:\Users\Administrator\Downloads\adwcleaner_8.0.2.exe
2020-02-18 22:52 - 2020-02-18 23:03 - 000043230 _____ C:\Users\Administrator\Downloads\Addition.txt
2020-02-18 22:47 - 2020-02-19 18:17 - 000036319 _____ C:\Users\Administrator\Downloads\FRST.txt
2020-02-18 22:45 - 2020-02-18 22:45 - 002279424 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2020-02-18 20:46 - 2020-02-03 20:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-18 20:46 - 2020-02-03 20:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-18 20:37 - 2020-02-18 20:37 - 000000000 ____D C:\ProgramData\ssh
2020-02-14 23:33 - 2020-02-14 23:40 - 000020920 _____ C:\Users\Administrator\Desktop\burian
2020-02-14 20:47 - 2020-02-14 20:47 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-14 20:47 - 2020-02-14 20:47 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-14 20:47 - 2020-02-14 20:47 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-14 20:46 - 2020-02-14 20:46 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 019813376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-14 20:46 - 2020-02-14 20:46 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-14 20:46 - 2020-02-14 20:46 - 002493720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 002314952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001489064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-14 20:46 - 2020-02-14 20:46 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 018026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 006284800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 005912064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 003484672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-02-14 20:45 - 2020-02-14 20:45 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-14 20:45 - 2020-02-14 20:45 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-14 20:45 - 2020-02-14 20:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-14 20:45 - 2020-02-14 20:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-14 20:45 - 2020-02-14 20:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-02-14 20:45 - 2020-02-14 20:45 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 004856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 004575232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 004348616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-02-14 20:44 - 2020-02-14 20:44 - 002225160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 002032128 _____ C:\WINDOWS\system32\rdpnano.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001218120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-14 20:44 - 2020-02-14 20:44 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-14 20:44 - 2020-02-14 20:44 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-02-14 20:44 - 2020-02-14 20:44 - 000042512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-02-14 20:44 - 2020-02-14 20:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-02-14 20:44 - 2020-02-14 20:44 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-02-14 20:44 - 2020-02-14 20:44 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 006519752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-14 20:43 - 2020-02-14 20:43 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 002260176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001693184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 001283592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-14 20:43 - 2020-02-14 20:43 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-02-14 20:43 - 2020-02-14 20:43 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-02-14 20:43 - 2020-02-14 20:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-02-14 20:43 - 2020-02-14 20:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-02-14 20:43 - 2020-02-14 20:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-14 20:42 - 2020-02-14 20:43 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 009929016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 004562896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 003967888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 003792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 003372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002988552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002773776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002766088 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 002084576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001858560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001664680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000928120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000875448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-14 20:42 - 2020-02-14 20:42 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-02-14 20:42 - 2020-02-14 20:42 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-02-14 20:42 - 2020-02-14 20:42 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000106808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-02-14 20:42 - 2020-02-14 20:42 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-02-14 20:42 - 2020-02-14 20:42 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 007905208 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 006167552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 003550208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-14 20:41 - 2020-02-14 20:41 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-14 20:41 - 2020-02-14 20:41 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000459896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-14 20:41 - 2020-02-14 20:41 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-02-14 20:41 - 2020-02-14 20:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-02-14 20:41 - 2020-02-14 20:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 004615376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000128528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-02-14 20:40 - 2020-02-14 20:40 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-02-14 20:40 - 2020-02-14 20:40 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-02-14 20:40 - 2020-02-14 20:40 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-02-14 01:10 - 2020-01-16 05:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-02-14 01:10 - 2020-01-16 04:23 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-02-06 01:06 - 2020-02-06 01:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 19:49 - 2020-02-04 19:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache
2020-02-04 13:20 - 2020-02-04 13:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-02-04 13:20 - 2020-02-04 13:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-02-04 13:20 - 2020-02-04 13:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-02-04 13:20 - 2020-02-04 13:20 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-01-24 22:52 - 2020-02-19 16:33 - 000004172 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1547238604

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-19 18:16 - 2016-04-22 19:50 - 000000000 ____D C:\FRST
2020-02-19 18:13 - 2019-08-11 21:00 - 000004158 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4346DC72-8560-4679-852D-4DFC6F90FB49}
2020-02-19 18:13 - 2019-08-11 20:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-19 18:07 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-19 17:06 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-19 16:32 - 2019-08-12 03:24 - 000751234 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-19 16:32 - 2019-08-12 03:24 - 000164518 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-19 16:32 - 2019-08-11 20:29 - 001781194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-19 16:32 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-19 16:26 - 2014-09-13 17:52 - 000005063 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2020-02-19 16:25 - 2009-09-07 14:42 - 000000943 _____ C:\WINDOWS\SysWOW64\bscs.ini
2020-02-19 16:24 - 2019-08-11 21:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-19 16:23 - 2019-03-19 04:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-19 16:22 - 2013-12-16 22:33 - 000000000 ____D C:\AdwCleaner
2020-02-19 16:18 - 2018-07-18 20:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2020-02-19 01:23 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-02-18 22:38 - 2014-09-20 20:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-18 20:52 - 2015-09-30 18:26 - 000000000 ___RD C:\Users\Administrator\3D Objects
2020-02-18 20:52 - 2015-09-10 05:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-18 20:44 - 2019-08-11 20:18 - 005123992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-18 20:38 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-18 20:37 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-18 20:37 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\servicing
2020-02-18 16:24 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-16 23:28 - 2019-08-11 21:00 - 000004266 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-02-16 00:42 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-15 21:04 - 2019-10-25 17:58 - 000002429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-15 21:04 - 2015-09-25 22:06 - 000000000 ___RD C:\Users\Administrator\OneDrive
2020-02-15 17:13 - 2014-06-21 13:36 - 000000000 ___RD C:\Users\Administrator\Dropbox
2020-02-14 23:39 - 2010-07-28 11:43 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-02-14 21:36 - 2015-08-25 22:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-14 21:29 - 2010-07-05 11:15 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-14 20:57 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-08 18:07 - 2011-02-09 22:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Azureus
2020-02-08 17:16 - 2014-08-16 16:22 - 000000000 ____D C:\Program Files (x86)\Opera
2020-02-07 19:08 - 2019-08-11 21:00 - 000003948 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1423088991
2020-02-07 19:08 - 2018-03-09 19:57 - 000001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2020-02-06 03:06 - 2019-08-11 20:32 - 000000000 ____D C:\Users\Administrator
2020-02-06 01:07 - 2018-12-30 19:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-04 21:54 - 2011-04-10 20:03 - 000000000 ____D C:\Users\Administrator\Documents\Vuze Downloads
2020-02-04 21:53 - 2019-08-11 21:00 - 000003624 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-02-04 21:53 - 2019-08-11 21:00 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-04 21:53 - 2019-08-11 21:00 - 000003278 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-02-04 21:53 - 2019-08-11 21:00 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-04 21:53 - 2019-08-11 21:00 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-02-04 21:53 - 2019-08-11 21:00 - 000002978 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-02-04 21:53 - 2019-08-11 21:00 - 000002474 _____ C:\WINDOWS\system32\Tasks\{CB50C5BC-2E0C-4BF8-A0BE-9B1908A49EBC}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002420 _____ C:\WINDOWS\system32\Tasks\{6FE33958-2979-4FC5-ABBC-7DCE16700255}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002410 _____ C:\WINDOWS\system32\Tasks\{C51C5F60-15B8-44A6-80FE-F94C1A28E364}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002342 _____ C:\WINDOWS\system32\Tasks\{3B443DDB-226F-406A-8161-AAE960162048}
2020-02-04 21:53 - 2019-08-11 21:00 - 000002216 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-02-04 21:53 - 2019-08-11 21:00 - 000002024 _____ C:\WINDOWS\system32\Tasks\{5F88DBBA-CDE8-4AE1-85F9-20A0392DFCA9}
2020-02-04 21:53 - 2019-08-11 21:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-02-04 21:53 - 2013-09-08 17:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2020-02-04 19:49 - 2019-11-09 03:14 - 000001248 _____ C:\Users\Administrator\Desktop\Dropbox.lnk
2020-02-02 16:36 - 2012-06-25 17:28 - 000000000 ____D C:\Users\Niki
2020-02-01 18:29 - 2012-12-14 00:49 - 000000000 ____D C:\Users\Administrator\Desktop\nikol Photo
2020-01-31 23:05 - 2018-12-30 19:21 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-01-31 23:05 - 2018-12-30 19:21 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-01-31 23:04 - 2019-08-11 20:32 - 000000000 ____D C:\Users\Guest
2020-01-28 21:20 - 2019-08-11 21:00 - 000003994 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-01-28 21:20 - 2019-08-11 21:00 - 000003762 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-01-28 12:02 - 2010-07-17 08:53 - 000000000 ____D C:\Program Files (x86)\WinRAR
2020-01-27 23:58 - 2014-11-20 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-27 23:57 - 2014-11-20 20:08 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-27 23:57 - 2009-12-07 09:38 - 000000000 ____D C:\Program Files (x86)\Java
2020-01-27 22:41 - 2014-07-14 18:46 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-27 22:41 - 2010-07-17 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-27 19:53 - 2017-08-30 19:41 - 000001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-27 19:53 - 2017-08-30 19:41 - 000001146 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-27 19:51 - 2015-01-27 20:24 - 000000000 ____D C:\Users\Administrator\Desktop\misc
2020-01-24 22:51 - 2014-08-16 21:43 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories ========

2015-02-06 16:04 - 2015-02-06 16:04 - 000000132 _____ () C:\Users\Administrator\AppData\Roaming\Adobe BMP Format CS6 Prefs
2017-06-15 20:51 - 2017-06-15 20:51 - 000000000 _____ () C:\Users\Administrator\AppData\Roaming\wklnhst.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Ran by Administrator (19-02-2020 18:19:28)
Running from C:\Users\Administrator\Downloads
Windows 10 Home Version 1903 18362.657 (X64) (2019-08-11 21:01:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4246815794-1745546178-596238576-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-4246815794-1745546178-596238576-503 - Limited - Disabled)
Guest (S-1-5-21-4246815794-1745546178-596238576-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-4246815794-1745546178-596238576-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4246815794-1745546178-596238576-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Bluesoleil 5.4.277.0 (HKLM\...\{FBBAB883-0BEE-4744-8062-281B213ADC1E}) (Version: 5.4.277.0 - IVT Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CCS64 V3.9.1 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coolmuster Android SMS + Contacts Recovery (HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\Coolmuster Android SMS + Contacts Recovery) (Version: 3.0.35 - Coolmuster)
DameWare Development Mirror Driver 64 Uninstall (HKLM\...\DamewareMirror) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.116 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HDMI Control Manager (HKLM\...\{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION) Hidden
HDMI Control Manager (HKLM-x32\...\{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION) Hidden
HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iSunshare Windows Password Genius Standard Trial 6.1.3 (HKLM-x32\...\iSunshare Windows Password Genius Standard Trial) (Version: 6.1.3 - iSunshare)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.5207.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Opera Stable 66.0.3515.72 (HKLM-x32\...\Opera 66.0.3515.72) (Version: 66.0.3515.72 - Opera Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Readon TV Movie Radio Player 7.6.0.0 (HKLM-x32\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5928 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.07-A - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.3 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.4 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.6.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA USB Sleep and Charge Utility (HKLM-x32\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.2.0 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
TRORMCLauncher (HKLM\...\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.9 - TOSHIBA) Hidden
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.50.27C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.4.0 - Azureus Software, Inc.)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wolfenstein (HKLM-x32\...\{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.0 - Activision) Hidden

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-07-05] (Ennova Research)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-05] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4246815794-1745546178-596238576-500_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Administrator\Dropbox [2014-06-21 13:36]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DMRC Shell Extension V2] -> {358B5852-38EB-4549-9D8A-B90C9DCAD0DB} => C:\Windows\dwrcs\DWRCSh.DLL [2011-12-12] (DameWare Development, LLC. -> SolarWinds)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DMRC Shell Extension V2] -> {358B5852-38EB-4549-9D8A-B90C9DCAD0DB} => C:\Windows\dwrcs\DWRCSh.DLL [2011-12-12] (DameWare Development, LLC. -> SolarWinds)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --remote-debugging-port=9223

==================== Loaded Modules (Whitelisted) =============

2009-09-02 08:43 - 2009-09-02 08:43 - 000114808 _____ () [File not signed] C:\Program Files (x86)\IVT Corporation\BlueSoleil\setup.dll
2009-09-02 08:46 - 2009-09-02 08:46 - 000009728 _____ () [File not signed] C:\Windows\System32\BsHelpCSps.dll
2008-03-07 12:54 - 2008-03-07 12:54 - 017892352 _____ () [File not signed] C:\Windows\system32\BsLangInDepRes.dll
2009-09-02 08:46 - 2009-09-02 08:46 - 000022016 _____ () [File not signed] C:\WINDOWS\System32\BsTrace.dll
2009-09-02 08:46 - 2009-09-02 08:46 - 000084480 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\Bs2Res.dll
2009-09-02 08:48 - 2009-09-02 08:48 - 000174080 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsCommon.dll
2009-09-02 08:47 - 2009-09-02 08:47 - 000403456 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsMobileSDK.dll
2009-09-02 08:49 - 2009-09-02 08:49 - 000024576 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsMonSvr.DLL
2009-09-02 08:47 - 2009-09-02 08:47 - 000327680 _____ (IVT Corporation) [File not signed] C:\WINDOWS\System32\BsSDK.dll
2009-09-02 08:49 - 2009-09-02 08:49 - 000754688 _____ (IVT Corporation) [File not signed] C:\Windows\system32\BsShell.dll
2009-07-13 14:36 - 2009-07-13 14:36 - 000260608 _____ (TOSHIBA Corporation.) [File not signed] C:\Program Files\Common Files\Toshiba Shared\HDMICEC.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Administrator\Desktop\Dark-S01E01(0000294547).srt:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-05-04 16:53 - 2019-01-04 11:14 - 000001033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

2011-12-18 20:03 - 2011-12-18 20:03 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4246815794-1745546178-596238576-500\Control Panel\Desktop\\Wallpaper -> c:\users\administrator\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{40599548-464c-4945-aa92-678953676e4c}.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BecHelperService => 2
MSCONFIG\Services: cfWiMAXService => 2
MSCONFIG\Services: ConfigFree Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: TemproMonitoringService => 2
MSCONFIG\Services: Thpsrv => 2
MSCONFIG\Services: TMachInfo => 3
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TosCoSrv => 2
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3
MSCONFIG\Services: TPCHSrv => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKLM\...\StartupApproved\Run: => "Toshiba Registration"
HKLM\...\StartupApproved\Run32: => "BtTray"
HKU\S-1-5-21-4246815794-1745546178-596238576-500\...\StartupApproved\Run: => "Remote Mouse"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AC1418F5-32B8-4181-9D66-68153F490AFF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{41BFFFD7-5BFA-492D-BABD-BE6ECD7A493C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5DD138EB-F1E6-47BF-B975-495E60A9D43D}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{F00D0175-F701-40E4-B472-2EBD3DE94338}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{C87D982E-2DCF-4176-BD52-7685F80AD7E1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A297315D-B247-46E2-B2C2-6F3963BCF3C6}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [File not signed]
FirewallRules: [{1BF48D9F-DF5E-4387-A2CD-CB80874D0527}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (IVT Corporation) [File not signed]
FirewallRules: [{979106D8-5B94-4C84-B362-3239DAC28BEF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{156A9C93-1C7C-4546-9700-A73955BE54BE}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{891F6A02-CC56-4F89-AED6-B96FB41271BB}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{AF793068-D948-4F96-92F2-78D3C9DA20FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23011A93-2744-4DAC-82CB-D921D9607590}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA990127-17ED-4E15-94A8-D5DC6A5F72A1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D119C592-22A6-44C6-87C6-A917845F477E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C48F6A2-1FAA-475F-A5D9-4D99B5D1543A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8ABC1D4-2BEC-49E2-8A32-370107136DEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4BBF11B4-9A39-4577-8E20-3AB6B5A0E665}] => (Allow) C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [{6571338B-DAA3-4C10-B6EE-69661B3EF215}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F9BE7B5-CAC3-40B3-9D4B-5E95325C129D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29041523-B740-44A7-A378-839ACC9FBB72}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{692FAE7E-C22F-4D8E-A8E8-41D3C7AD9D0E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4C48C1F-E91F-4160-B162-DBF3E81E6109}] => (Allow) C:\Windows\dwrcs\DWRCS.EXE (DameWare Development, LLC. -> SolarWinds)
FirewallRules: [{A625C9E7-9698-4A33-A9C1-E34C479CBADA}] => (Allow) c:\program files (x86)\opera\66.0.3515.44\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BDC9679F-B430-4492-B2B1-AA525629F926}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{95308B96-6D29-4F4C-B58E-DA4B62EA2DEF}] => (Allow) c:\program files (x86)\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{40EF7105-FCF1-44D7-A305-E33247F626E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0AB236D4-D6FE-4651-8107-CD747D215F0C}] => (Allow) C:\Windows\dwrcs\DWRCS.EXE (DameWare Development, LLC. -> SolarWinds)

==================== Restore Points =========================

03-02-2020 04:54:45 Scheduled Checkpoint
13-02-2020 01:18:01 Scheduled Checkpoint
16-02-2020 19:09:41 Windows Update

==================== Faulty Device Manager Devices ============

Name: Microsoft Kernel Debug Network Adapter #2
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/19/2020 05:16:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10204,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/19/2020 05:00:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (500,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/19/2020 04:53:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9172,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/19/2020 04:44:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1268,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/19/2020 04:32:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1d54

Start Time: 01d5e7420001429e

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: a9cfc820-9f7d-46fd-a0c2-c478ca3e136b

Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Hang type: Cross-thread

Error: (02/19/2020 04:16:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/18/2020 11:53:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (224,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 10:55:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (02/19/2020 06:07:12 PM) (Source: DCOM) (EventID: 10010) (User: MICK)
Description: The server Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (02/19/2020 05:49:38 PM) (Source: DCOM) (EventID: 10010) (User: MICK)
Description: The server Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (02/19/2020 05:36:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (02/19/2020 05:35:25 PM) (Source: DCOM) (EventID: 10010) (User: MICK)
Description: The server Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (02/19/2020 05:30:18 PM) (Source: DCOM) (EventID: 10010) (User: MICK)
Description: The server Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (02/19/2020 05:02:04 PM) (Source: DCOM) (EventID: 10010) (User: MICK)
Description: The server microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (02/19/2020 04:32:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (02/19/2020 04:22:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DameWare Mini Remote Control service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================

Date: 2020-02-19 18:14:02.205
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-19 18:14:02.200
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-19 18:13:51.538
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-19 18:13:51.525
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-19 17:37:08.407
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-02-19 17:37:08.387
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-02-19 17:36:59.274
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-02-19 17:18:08.144
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Alwil Software\Avast5\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: TOSHIBA 1.60 03/02/10
Motherboard: TOSHIBA NSKAA
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 62%
Total physical RAM: 3957.59 MB
Available physical RAM: 1498.63 MB
Total Virtual: 7925.59 MB
Available Virtual: 5246.6 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:78.29 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:163.72 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{6962e0d4-3655-11df-8dd5-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 22F49805)
Partition 1: (Not Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=232.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: extreme pomale pc

Napsal: 19 úno 2020 19:49
od JaRon
Otazka znela, ci velkost adresara plocha nepresahuje 1GB :???:
Logy pozriem zajtra

Re: extreme pomale pc

Napsal: 19 úno 2020 20:45
od boutek
Uz chapu. Adresar desktop ma 24gb. :o

Re: extreme pomale pc

Napsal: 19 úno 2020 20:52
od JaRon
Tak to poupratuj, restart PC a napis, ci je to lepsie :James008:

Re: extreme pomale pc

Napsal: 19 úno 2020 23:21
od boutek
Rozdil je ted velky. Netusil sem, ze mit velke soubory na plose, je tak nezadouci. Par nesmyslu porad startuje, bud spolecne s OS, nebo pri spusteni browseru, ale to predpokladam, se da napravit v nastaveni. Jeste jednou velke diky za Vas cas a pomoc. Urcite financne podporim, jen musim prijit na to jak, kdyz mam jen Barclays a COOP ucet. Skoda, ze to nejde pres pay pal.

Re: extreme pomale pc

Napsal: 20 úno 2020 07:13
od JaRon
este slubeny fixlist - citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2BAA2B32-8A08-434C-98FD-16DE1B6B13BF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {65e88037-46b5-450e-a4d9-58b52c9391ff} - no filepath
Task: {A68EC263-3CBA-4055-BAA9-32F0105DC451} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F797E113-7D13-4DD0-9E5F-38D803ECEE8E} - \Games\UpdateCheck_S-1-5-21-4246815794-1745546178-596238576-1000 -> No File <==== ATTENTION
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
AlternateDataStreams: C:\Users\Administrator\Desktop\Dark-S01E01(0000294547).srt:com.dropbox.attributes [168]



EmptyTemp:
Hosts:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt

Re: extreme pomale pc

Napsal: 23 úno 2020 15:56
od boutek
Ajajaj. Ja se strasne omlouvam. Ja sem Vas neignoroval, jen jsem nevedel, ze tu mam od Vas dalsi radu. Opravdu se omlouvam a diky moc!

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2020
Ran by Administrator (23-02-2020 14:42:29) Run:1
Running from C:\Users\Administrator\Desktop\frst
Loaded Profiles: Administrator & Guest (Available Profiles: Administrator & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2BAA2B32-8A08-434C-98FD-16DE1B6B13BF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {65e88037-46b5-450e-a4d9-58b52c9391ff} - no filepath
Task: {A68EC263-3CBA-4055-BAA9-32F0105DC451} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F797E113-7D13-4DD0-9E5F-38D803ECEE8E} - \Games\UpdateCheck_S-1-5-21-4246815794-1745546178-596238576-1000 -> No File <==== ATTENTION
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
AlternateDataStreams: C:\Users\Administrator\Desktop\Dark-S01E01(0000294547).srt:com.dropbox.attributes [168]



EmptyTemp:
Hosts:
Reboot:
End
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BAA2B32-8A08-434C-98FD-16DE1B6B13BF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BAA2B32-8A08-434C-98FD-16DE1B6B13BF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65e88037-46b5-450e-a4d9-58b52c9391ff}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A68EC263-3CBA-4055-BAA9-32F0105DC451} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A68EC263-3CBA-4055-BAA9-32F0105DC451} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F797E113-7D13-4DD0-9E5F-38D803ECEE8E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F797E113-7D13-4DD0-9E5F-38D803ECEE8E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-4246815794-1745546178-596238576-1000 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => removed successfully
"C:\Users\Administrator\Desktop\Dark-S01E01(0000294547).srt" => ":com.dropbox.attributes" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30664439 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 7047005 B
Edge => 24589 B
Chrome => 194582748 B
Firefox => 0 B
Opera => 19792922 B

Temp, IE cache, history, cookies, recent:
Default => 39216 B
Users => 39216 B
ProgramData => 39216 B
Public => 39216 B
systemprofile => 39216 B
systemprofile32 => 39216 B
LocalService => 49310 B
NetworkService => 49310 B
Administrator => 39827578 B
Guest => 39912774 B

RecycleBin => 0 B
EmptyTemp: => 326.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:43:46 ====

Re: extreme pomale pc

Napsal: 23 úno 2020 17:54
od JaRon
V pohode, hlavny problem bol vo velkosti plochy,
ale ked si uz tu tak sme aj vycistili☺
Hotovo - pekny den
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz