Vírus destyy.com a zákerné otváranie okien
Napsal: 10 srp 2019 18:41
Čaute chalani,
Už asi 4 hodiny som strávil tak, že sa chcem zbaviť vírusu, ktorý po zapnutí počítača spustí prehliadač a otvorí dve reklamné okná (stránka destyy.com). Začne to tak, že po zapnutí pc na 2 sek sa spustí CMD, tam naskočí "update check.." nič len čierne prázdne okno a potom sa vypne a potom už naskakuje Chrome ktorý to otvára.
Čo som všetko spravil a stále som to neodstránil
- pozrel som zoznam nainštalovaných programov
- preskenoval som to eset, spybot, malwarebytes,junkware removal tool,,eset online skener,
- pozeral som procesy na pozadí nič som také nenašiel
- task scheduler som pozeral a nemám tam event
- host txt som čekol
- ikona prehliadača a vlastnosti či tam niečo nemá
- resetol som v chrome na pôvodné nastavenia
Už neviem čo by som spravil, googlil som to samozrejme a tie vyššie úlohy som odtiaľ nabral, ale stále sa neviem toho zbaviť. Má niekto nejaký nápad?
Určite je to v tom, že ten cmd sa zapne tam dá nejaký update check a potom na to sa spúšťa prehliadač, len neviem ako nájsť ten súbor, alebo proces.
Posielam aj logy:
Už asi 4 hodiny som strávil tak, že sa chcem zbaviť vírusu, ktorý po zapnutí počítača spustí prehliadač a otvorí dve reklamné okná (stránka destyy.com). Začne to tak, že po zapnutí pc na 2 sek sa spustí CMD, tam naskočí "update check.." nič len čierne prázdne okno a potom sa vypne a potom už naskakuje Chrome ktorý to otvára.
Čo som všetko spravil a stále som to neodstránil
- pozrel som zoznam nainštalovaných programov
- preskenoval som to eset, spybot, malwarebytes,junkware removal tool,,eset online skener,
- pozeral som procesy na pozadí nič som také nenašiel
- task scheduler som pozeral a nemám tam event
- host txt som čekol
- ikona prehliadača a vlastnosti či tam niečo nemá
- resetol som v chrome na pôvodné nastavenia
Už neviem čo by som spravil, googlil som to samozrejme a tie vyššie úlohy som odtiaľ nabral, ale stále sa neviem toho zbaviť. Má niekto nejaký nápad?
Určite je to v tom, že ten cmd sa zapne tam dá nejaký update check a potom na to sa spúšťa prehliadač, len neviem ako nájsť ten súbor, alebo proces.
Posielam aj logy:
Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Ran by T450 (administrator) on TOMAS (LENOVO 20BUS0X10N) (10-08-2019 19:24:01)
Running from C:\Users\T450\Desktop
Loaded Profiles: T450 (Available Profiles: T450)
Platform: Windows 10 Pro Version 1803 17134.885 (X64) Language: Angličtina (USA)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\tposd.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsimgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsirdpclient.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsirpcd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\vmwp.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Solid Documents, LLC) [File not signed] C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(troubadix) [File not signed] C:\Program Files\TPFanControl\TPFanControl.exe
(VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
Failed to access process -> vmmem
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [TPFanControl] => C:\Program Files\TPFanControl\TPFanControl.exe [156672 2013-02-02] (troubadix) [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2019-04-18] (Power Software Limited -> Power Software Ltd)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [f.lux] => C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-05-05] () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2018-10-06]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
BootExecute: autocheck autochk * bootdelete
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {081AD513-5918-4D9B-8FD5-283B6882A50A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {22265DBF-9DFB-4CF4-90E3-1764DC69A632} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {25C5D5BD-BF3D-4FA9-AD2A-DD1E6E25C7C5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {46B3094D-8B02-4139-AD49-B1D80B8C787A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E25BCEE-D4C2-4E61-8C48-ADBD7BA86A29} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-10] (Google Inc -> Google Inc.)
Task: {6CE5E028-AA52-4146-A3B5-D97D270370F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {7DACB74C-F8A1-454D-9E40-E0E26C0EB02F} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [855968 2018-05-23] (Lenovo -> Lenovo.)
Task: {8391F2FE-C99B-4410-BC71-39350BC53003} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {92296A20-0D36-4F43-A0F4-6BC7BED0E19A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC061F61-8814-44EC-AA6B-1F28ED3FC67B} - System32\Tasks\AdobeGCInvoker-1.0-TOMAS-T450 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ACB553D5-E46E-49DC-8B50-33CA4F026671} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C3569B8E-EAF8-43D6-8D26-3017880ED25B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-10] (Google Inc -> Google Inc.)
Task: {C3AC5672-755E-4549-8A37-4D2B4A624F8C} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4265333793-1255850415-3889696489-1001 => C:\Users\T450\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {CCD47C80-EEC9-461F-9E98-BAF1A5F6EFC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D049F954-0DC7-4C0B-95E6-1CE1B31C51B7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe
Task: {E5FC72C6-53AE-4680-8D96-108E23CFEC56} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E9982440-C006-48E5-9477-2EC8211DACF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0017f890-ab82-4120-81c3-beb49c53563d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2d25847a-b084-4369-b68c-f81d00c7069c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2eb10214-7d35-4f37-addf-88e59d1b6b99}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
FireFox:
========
FF DefaultProfile: qtkw9hyo.default
FF ProfilePath: C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\qtkw9hyo.default [2019-08-10]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://app.livechatoo.com/tomaskolen/operator/sk/chat"
CHR Profile: C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default [2019-08-10]
CHR DownloadDir: C:\Users\T450\Desktop
CHR Extension: (Dokumenty) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-10]
CHR Extension: (Disk Google) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-10]
CHR Extension: (Chrome IG Story) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2019-02-16]
CHR Extension: (Adobe Acrobat) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-11]
CHR Extension: (Full Page Screen Capture) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-08-10]
CHR Extension: (Tabuľky) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-10]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-10]
CHR Extension: (Go Fucking Work) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\hibmkkpfegfiinilnlabbfnjcopdiiig [2018-08-17]
CHR Extension: (Linkclump) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2019-04-19]
CHR Extension: (Boomerang for Gmail) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-06-29]
CHR Extension: (Kontrola pošty Google) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-19]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2018-11-14]
CHR Extension: (LinkMiner) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdhdnpiclkaeicicamopfohidjokoom [2018-03-10]
CHR Extension: (Gmail) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-10]
CHR Profile: C:\Users\T450\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-13]
CHR Profile: C:\Users\T450\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-26]
CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
S3 gcs; C:\WINDOWS\system32\vmcomputeagent.exe [1292704 2018-09-23] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [1741312 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 hvsics; C:\WINDOWS\System32\hvsicontainerservice.dll [1073168 2019-07-04] (Microsoft Windows -> Microsoft Corporation)
R2 hvsics; C:\WINDOWS\SysWOW64\hvsicontainerservice.dll [22936 2018-05-20] (Microsoft Windows -> Microsoft Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [532968 2018-05-19] (Intel Corporation -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373656 2018-05-24] (Intel(R) pGFX -> Intel Corporation)
R2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [774040 2018-05-23] (Lenovo -> Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-06-25] (Intel Corporation -> )
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [31232 2018-09-23] (Microsoft Windows -> Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe [320512 2009-10-23] (Solid Documents, LLC) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5073792 2019-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [277144 2018-11-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\TPHKLOAD.exe [422544 2018-07-18] (Lenovo -> Lenovo Group Limited)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3014144 2019-07-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848800 2018-06-25] (Intel Corporation -> Intel® Corporation)
S2 Lenovo Instant On; "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R1 hvsifltr; C:\WINDOWS\System32\drivers\hvsifltr.sys [52728 2018-11-09] (Microsoft Windows -> Microsoft Corporation)
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [26624 2018-09-23] (Microsoft Windows -> Microsoft Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-16] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel(R) Software -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8709656 2018-06-30] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44232 2018-05-23] (Lenovo -> Lenovo.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [786688 2016-08-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [54928 2018-11-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [757824 2016-12-26] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1248256 2018-11-07] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-09-12] (Microsoft Windows -> Microsoft Corporation)
R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-09-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-10 19:24 - 2019-08-10 19:25 - 000031871 ____C C:\Users\T450\Desktop\FRST.txt
2019-08-10 19:23 - 2019-08-10 19:24 - 000000000 ____D C:\FRST
2019-08-10 19:23 - 2019-08-10 19:23 - 002097664 ____C (Farbar) C:\Users\T450\Desktop\FRST64.exe
2019-08-10 19:18 - 2019-08-10 19:18 - 000114842 ____C C:\Users\T450\.recently-used.xbel
2019-08-10 16:17 - 2019-08-10 16:17 - 000000762 ____C C:\Users\T450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-08-10 16:14 - 2019-08-10 16:25 - 000003700 _____ C:\WINDOWS\System32\Tasks\Lenovo Power Management Driver PnP Task
2019-08-10 16:07 - 2019-08-10 16:09 - 000302680 _____ C:\TDSSKiller.3.1.0.28_10.08.2019_16.07.56_log.txt
2019-08-10 15:04 - 2019-07-04 11:45 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-10 15:04 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-08-10 15:04 - 2019-07-04 11:41 - 001073168 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsicontainerservice.dll
2019-08-10 15:04 - 2019-07-04 11:41 - 000336936 _____ (Microsoft Corporation) C:\WINDOWS\system32\HvsiSettingsProvider.dll
2019-08-10 15:04 - 2019-07-04 11:41 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-10 15:04 - 2019-07-04 11:41 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsirpcd.exe
2019-08-10 15:04 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-10 15:04 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-10 15:04 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-10 15:04 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-10 15:04 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-10 15:04 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-10 15:04 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-10 15:04 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-10 15:04 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-10 15:04 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-10 15:04 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-10 15:04 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-10 15:04 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-10 15:04 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-10 15:04 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-10 15:04 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-10 15:04 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-10 15:04 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-10 15:04 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-10 15:04 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-10 15:04 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-10 15:04 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-10 15:04 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-10 15:04 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-10 15:04 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-10 15:04 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-10 15:04 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-10 15:04 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-10 15:04 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-10 15:04 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-10 15:04 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-10 15:04 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-10 15:04 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-08-10 15:04 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-08-10 15:04 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-10 15:04 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-10 15:04 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-10 15:04 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-10 15:04 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-10 15:04 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-10 15:04 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-10 15:04 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-08-10 15:04 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-10 15:04 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-10 15:04 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-08-10 15:04 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-08-10 15:04 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-08-10 15:04 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-08-10 15:04 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-08-10 15:04 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-10 15:04 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-10 15:04 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-08-10 15:04 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-08-10 15:04 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-10 15:04 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-10 15:04 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-10 15:04 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-08-10 15:04 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-08-10 15:04 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-10 15:04 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-10 15:04 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-10 15:04 - 2019-07-04 06:27 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2019-08-10 15:04 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-10 15:04 - 2019-07-04 06:26 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe
2019-08-10 15:04 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-10 15:04 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-10 15:04 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-10 15:04 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-10 15:04 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-10 15:04 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-10 15:04 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-10 15:04 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-10 15:04 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-10 15:04 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-10 15:04 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-10 15:04 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-10 15:04 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-10 15:04 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-10 15:04 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-08-10 15:04 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-10 15:04 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-10 15:04 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-10 15:04 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-10 15:04 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-10 15:04 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-10 15:04 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-10 15:04 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-10 15:04 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-08-10 15:04 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-08-10 15:04 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-08-10 15:04 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-10 15:04 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-08-10 15:04 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-10 15:04 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-10 15:04 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-08-10 15:04 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-08-10 15:04 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-10 15:04 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-10 15:04 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-10 15:04 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-10 15:04 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-10 15:04 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-10 15:04 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-10 15:04 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-10 15:04 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-10 15:04 - 2019-06-13 13:43 - 001427984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-10 15:04 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-10 15:04 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-10 15:04 - 2019-06-13 13:42 - 002266936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-08-10 15:04 - 2019-06-13 13:42 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-10 15:04 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-10 15:04 - 2019-06-13 13:41 - 001626936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-10 15:04 - 2019-06-13 13:41 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-10 15:04 - 2019-06-13 13:41 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-10 15:04 - 2019-06-13 13:41 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-10 15:04 - 2019-06-13 13:40 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-10 15:04 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-10 15:04 - 2019-06-13 13:40 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-10 15:04 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-08-10 15:04 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-08-10 15:04 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-10 15:04 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-08-10 15:04 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-08-10 15:04 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-10 15:04 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-10 15:04 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-10 15:04 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-10 15:04 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-08-10 15:04 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-08-10 15:04 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-08-10 15:04 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-10 15:04 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-10 15:04 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-10 15:04 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-10 15:04 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-08-10 15:04 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-08-10 15:04 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-10 15:04 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-10 15:04 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-10 15:04 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-10 15:04 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-10 15:04 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-08-10 15:04 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-08-10 15:04 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-10 15:04 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-10 15:04 - 2019-06-13 12:11 - 001539896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-08-10 15:04 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-08-10 15:04 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-08-10 15:04 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-08-10 15:04 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-08-10 15:04 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-08-10 15:04 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-10 15:04 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-08-10 15:04 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-08-10 15:04 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-08-10 15:04 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-08-10 15:04 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-08-10 15:04 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-08-10 15:04 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-08-10 15:04 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-10 15:04 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-10 15:04 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-10 15:04 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-10 15:04 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-08-10 15:04 - 2019-06-13 08:58 - 002300528 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2019-08-10 15:04 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-10 15:04 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-08-10 15:04 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-08-10 15:04 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-10 15:04 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-10 15:04 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-10 15:04 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-10 15:04 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-10 15:04 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-10 15:04 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-08-10 15:04 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-08-10 15:04 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-10 15:04 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-10 15:04 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-10 15:04 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-08-10 15:04 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-08-10 15:04 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-10 15:04 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-10 15:04 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-08-10 15:04 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-10 15:04 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-08-10 15:04 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-08-10 15:04 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-10 15:04 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-10 15:04 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-08-10 15:04 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-10 15:04 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-10 15:04 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-08-10 15:04 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-10 15:04 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-08-10 15:04 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-10 15:04 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-10 15:04 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-10 15:04 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-10 15:04 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-10 15:04 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-10 15:04 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-10 15:04 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-10 15:04 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-08-10 15:04 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-10 15:04 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-10 15:04 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-10 15:04 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-08-10 15:04 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-08-10 15:04 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-08-10 15:04 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-10 15:04 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-10 15:04 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-10 15:04 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-08-10 15:04 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-10 15:04 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-08-10 15:04 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-08-10 15:04 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-10 15:04 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-10 15:04 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-10 15:04 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-08-10 15:04 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-08-10 15:04 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-08-10 15:04 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-08-10 15:04 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-08-10 15:04 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-08-10 15:04 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-10 15:04 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-08-10 15:04 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-08-10 15:04 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-08-10 15:04 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-10 15:04 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-10 15:04 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-08-10 15:04 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-08-10 15:04 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-08-10 15:04 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-08-10 15:04 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-10 15:04 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-08-10 15:04 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-24 19:35 - 2019-07-24 19:35 - 000055284 ____C C:\Users\T450\Desktop\digi 2.pdf
2019-07-23 11:58 - 2019-07-23 11:58 - 000000000 ____D C:\Users\T450\Desktop\585
2019-07-23 00:30 - 2019-07-23 00:30 - 000000000 ____D C:\Users\T450\Desktop\nahodit nove sady kufrov
2019-07-18 00:12 - 2019-07-18 11:56 - 000000513 ____C C:\Users\T450\Desktop\pridat okuliare.txt
2019-07-16 15:18 - 2019-07-16 15:18 - 000001190 ____C C:\Users\T450\Desktop\GIMP 2.lnk
2019-07-14 01:03 - 2019-07-15 21:24 - 000000191 ____C C:\Users\T450\Desktop\soferske pridat.txt
2019-07-13 05:24 - 2019-07-13 05:27 - 000000000 ____D C:\AdwCleaner
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-10 19:25 - 2018-07-28 12:19 - 000000000 ___DC C:\Users\T450\AppData\Roaming\vlc
2019-08-10 19:23 - 2018-03-10 12:18 - 000000000 ___DC C:\Users\T450\.gimp-2.6
2019-08-10 19:18 - 2018-05-19 15:03 - 000000000 ___DC C:\Users\T450
2019-08-10 19:18 - 2018-03-10 21:09 - 000000000 ___DC C:\Users\T450\AppData\Roaming\gtk-2.0
2019-08-10 19:16 - 2018-03-10 11:39 - 000000000 ___DC C:\Users\T450\AppData\Local\ClassicShell
2019-08-10 19:09 - 2018-05-19 15:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-10 18:25 - 2018-03-10 14:08 - 000000000 ____D C:\WINDOWS\AutoKMS
2019-08-10 16:30 - 2018-05-19 15:08 - 000838564 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-10 16:30 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-10 16:26 - 2018-03-10 12:57 - 000000000 ___DC C:\Users\T450\AppData\Local\Packages
2019-08-10 16:25 - 2018-12-30 13:35 - 000000000 __RDC C:\Users\T450\iCloudDrive
2019-08-10 16:25 - 2018-09-23 14:10 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-08-10 16:25 - 2018-09-23 14:08 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2019-08-10 16:25 - 2018-05-19 15:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-10 16:25 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-10 16:25 - 2018-03-07 13:14 - 000000000 _SHDC C:\Users\T450\IntelGraphicsProfiles
2019-08-10 16:25 - 2018-03-07 13:13 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-08-10 16:24 - 2018-12-06 13:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2019-08-10 16:24 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-10 16:24 - 2018-03-07 13:57 - 000000000 ____D C:\Program Files\Lenovo
2019-08-10 16:24 - 2018-03-07 13:09 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-08-10 16:17 - 2019-06-25 09:13 - 000000000 ____D C:\Users\T450\AppData\Local\ESET
2019-08-10 15:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-10 15:12 - 2018-05-19 15:01 - 005107120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-10 15:11 - 2018-04-12 11:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-10 15:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-10 15:11 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-08-10 15:11 - 2018-03-07 13:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-10 15:09 - 2018-03-07 13:46 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-10 15:07 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-10 13:52 - 2018-09-13 18:56 - 000000000 ___DC C:\Users\T450\AppData\Local\D3DSCache
2019-08-10 13:10 - 2018-05-19 15:08 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-10 12:49 - 2018-03-10 10:42 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-10 12:49 - 2018-03-10 10:42 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-10 12:48 - 2018-03-10 10:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-24 23:56 - 2019-04-28 00:48 - 000000208 ____C C:\Users\T450\Desktop\pridane produkty.txt
2019-07-24 10:39 - 2019-06-03 09:34 - 000000000 ____D C:\Users\T450\Desktop\faktúry na úhradu
2019-07-18 12:28 - 2018-12-22 22:54 - 000000000 ____D C:\Users\T450\Documents\Bigasoft Total Video Converter
2019-07-18 11:20 - 2018-12-11 00:26 - 000000000 ____D C:\Users\T450\Desktop\Sablony
2019-07-15 21:26 - 2018-10-22 10:27 - 000001057 _____ C:\Users\T450\Desktop\Hlasky.txt
2019-07-14 08:36 - 2018-03-07 13:47 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-13 07:18 - 2018-12-30 13:35 - 000000000 ____D C:\Users\T450\Documents\Súbory Outlooku
2019-07-13 07:18 - 2018-04-01 19:02 - 000000000 ___DC C:\Users\T450\AppData\Roaming\Apple Computer
2019-07-11 09:06 - 2018-03-10 17:28 - 000000876 _____ C:\Users\T450\Desktop\bankove ucty.txt
==================== Files in the root of some directories ================
2018-09-23 14:42 - 2018-09-23 15:02 - 000001480 ____C () C:\Users\T450\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-28 10:36 - 2018-09-28 10:36 - 000000000 ____C () C:\Users\T450\AppData\Local\oobelibMkey.log
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Otvor poznamkovy blok (Win+R -> notepad -> enter)
