Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I guess my computer is infected

Started by guru45 , Jan 20 2020 05:34 AM

  • Please log in to reply

#1
guru45
Posted 20 January 2020 - 05:34 AM

guru45

    New Member

  • Member
  • Pip
  • 9 posts

Hi! I guess my computer is infected,because i cant do anythink in windows defender security centre and in windows update - There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070424)

 

So there is these scans :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Samsung (administrator) on DESKTOP-KJOTLCI (SAMSUNG ELECTRONICS CO., LTD. 300E4C/300E5C/300E7C) (20-01-2020 13:19:04)
Running from C:\Users\Samsung\Desktop
Loaded Profiles: Samsung (Available Profiles: Samsung)
Platform: Windows 10 Home Version 1803 17134.1130 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-03-18] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\RunOnce: [Uninstall 19.192.0926.0012\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\RunOnce: [Uninstall 19.192.0926.0012] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Samsung\AppData\Local\Microsoft\OneDrive\19.192.0926.0012"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4098912 2019-12-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG TuneUp.lnk [2020-01-14]
ShortcutTarget: AVG TuneUp.lnk -> C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1294A8B8-18A7-4ECC-A501-302450F44524} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {193E2DF8-E3D1-4448-87C5-2BAC2D5CEE75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BF6CA4B-FFCD-48D6-9B3E-F90800159D25} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-08] (Google Inc -> Google Inc.)
Task: {3E3BE35E-E9EB-4F5F-839E-17991162C219} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-08] (Google Inc -> Google Inc.)
Task: {6109CDB3-4036-46D3-A5B0-84138032A14B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6277361C-4C29-402E-A738-E990B9557A50} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {6521EC1B-2AD8-4C1B-9632-4D0356329B5F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {689C7168-C7B5-488B-B24D-0233CF50DF91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C23F262-67EB-488B-AE1C-F3A74256020E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {8B2E440F-0292-4863-A430-C450D5DCDAD2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {8F7E01B6-CA06-408D-A539-89CE9D95AC69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {93AD4E58-0C83-46DE-B81D-F429A961A312} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {DFFB2CCF-C94B-423E-8F65-CCED1DC13475} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {E09B057B-A8CE-4D95-BE4A-7BBB30BEF5FE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {E4C5EF46-8C55-470F-B65B-D1A186EAAB83} - System32\Tasks\AVG TuneUp Update => C:\Program Files (x86)\AVG\AVG TuneUp\TUNEUpdate.exe [1706528 2020-01-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {FAFE7B57-11DE-491B-BA31-CF1AC072EB97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [464456 2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD94B483-7D78-4727-A4A2-B7EDEE337D83} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{709160f6-0bf3-4104-9f17-9165e7b63aa6}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{82467e37-7202-42d9-96b8-1cdb114ef9b0}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{91e6740a-53fa-4e81-9bc8-5e7124b31d06}: [DhcpNameServer] 192.168.8.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
SearchScopes: HKU\S-1-5-21-3983255944-2224574574-1335531537-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\9KKv7aeX.default [2019-10-09]
FF Extension: (Avira Password Manager) - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\9KKv7aeX.default\Extensions\[email protected] [2019-10-09]
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsrc=HP_ss&mntrId=AC28001FD056D9BA
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsrc=HP_ss&mntrId=AC28001FD056D9BA","hxxp://websearch.pu-results.info/?pid=726&r=2013/03/09&hid=1471995205&lg=EN&cc=LV","","hxxp://google.lv/"
CHR Notifications: Default -> hxxps://e.olweb.tv; hxxps://en.softonic.com; hxxps://rutube.ru; hxxps://sport-tv.me; hxxps://tinder.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://ytmp3.cc
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default [2020-01-20]
CHR DownloadDir: C:\Users\Samsung\Desktop
CHR Extension: (Prezentācijas) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-08]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2018-01-08]
CHR Extension: (Dokumenti) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-08]
CHR Extension: (Google disks) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-08]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-08]
CHR Extension: (Izklājlapas) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-08]
CHR Extension: (Google dokumenti bezsaistē) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-08]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Chrome interneta veikala maksājumu sistēma) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-07]
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-07]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6307248 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110560 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 CleanupPSvc; C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel® pGFX -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37880 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205600 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [275232 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [210328 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [65376 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43512 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [171640 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111096 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84560 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [848688 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461216 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317304 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-11-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Samsung Electronics CO., LTD. -> Windows ® Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2019-11-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-20 13:19 - 2020-01-20 13:19 - 000023752 ____C C:\Users\Samsung\Desktop\FRST.txt
2020-01-20 13:17 - 2020-01-20 13:19 - 000000000 ___DC C:\FRST
2020-01-20 13:14 - 2020-01-20 13:14 - 002572800 ____C (Farbar) C:\Users\Samsung\Desktop\FRST64.exe
2020-01-15 17:45 - 2020-01-15 17:45 - 000090478 ____C C:\Users\Samsung\Downloads\CV-Europass-20200115-Bērziņš-LV.pdf
2020-01-15 16:45 - 2020-01-15 16:56 - 000000000 ___DC C:\Users\Samsung\Downloads\Friends from College Season 1 Complete 720p WEBRip x264 [i_c]
2020-01-15 16:31 - 2020-01-15 16:31 - 000401952 ____C C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-14 20:41 - 2020-01-14 20:41 - 000103978 ____C C:\Users\Samsung\Downloads\CV-Europass-20200114-Bērziņš-EN.pdf
2020-01-14 20:24 - 2020-01-14 20:24 - 000003972 ____C C:\WINDOWS\system32\Tasks\AVG TuneUp Update
2020-01-14 20:24 - 2020-01-14 20:24 - 000001188 ____C C:\Users\Public\Desktop\AVG TuneUp.lnk
2020-01-14 20:24 - 2020-01-14 20:24 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Technologies
2020-01-14 20:24 - 2020-01-14 20:24 - 000000000 ___DC C:\Program Files (x86)\AVG
2020-01-13 16:27 - 2020-01-13 16:27 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Ubisoft
2020-01-13 16:24 - 2020-01-13 16:24 - 000000000 ___DC C:\ProgramData\Ubisoft
2020-01-13 16:13 - 2020-01-13 16:13 - 000000000 ___DC C:\Program Files (x86)\Ubisoft
2020-01-10 20:35 - 2020-01-10 20:35 - 000114232 ____C (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-10 20:35 - 2020-01-10 20:35 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Sun
2020-01-10 20:35 - 2020-01-10 20:35 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-10 20:35 - 2020-01-10 20:35 - 000000000 ___DC C:\Program Files (x86)\Java
2020-01-10 20:28 - 2020-01-10 20:28 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2020-01-10 20:21 - 2020-01-15 16:45 - 000000000 ___DC C:\Users\Samsung\AppData\LocalLow\uTorrent
2020-01-09 14:52 - 2020-01-09 14:52 - 000000000 ___DC C:\Users\Samsung\Downloads\New folder
2020-01-07 17:47 - 2020-01-17 20:18 - 000000000 ___DC C:\WINDOWS\system32\Tasks\AVAST Software
2020-01-07 12:41 - 2020-01-14 20:25 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\AVG
2020-01-07 12:41 - 2020-01-07 12:41 - 000002075 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000002063 ____C C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Avg
2020-01-07 12:40 - 2020-01-17 20:18 - 000003250 ____C C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-01-07 12:40 - 2020-01-07 12:40 - 000000000 ___DC C:\WINDOWS\system32\Tasks\AVG
2020-01-07 12:39 - 2020-01-07 12:40 - 000848688 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-01-07 12:39 - 2020-01-07 12:40 - 000461216 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-01-07 12:39 - 2020-01-07 12:40 - 000171640 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000355760 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-01-07 12:39 - 2020-01-07 12:39 - 000317304 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000275232 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000236288 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000210328 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000205600 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000111096 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000084560 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000065376 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000043512 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000037880 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000016520 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000000000 ___DC C:\Program Files\Common Files\AVG
2020-01-07 12:38 - 2020-01-20 12:47 - 000000000 ___DC C:\ProgramData\AVG
2020-01-07 12:38 - 2020-01-07 12:38 - 000000000 ___DC C:\Program Files\AVG
2020-01-04 19:16 - 2020-01-04 19:16 - 000000000 ___DC C:\Users\Samsung\Documents\My Games
2019-12-23 20:36 - 2019-12-23 20:36 - 000000000 ___DC C:\Users\Public\Security Sessions
2019-12-21 23:24 - 2019-12-21 23:24 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Windscribe
2019-12-21 23:24 - 2018-07-06 17:22 - 000054896 ____C (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-20 13:17 - 2018-04-12 01:36 - 000000000 ___DC C:\WINDOWS\INF
2020-01-20 13:01 - 2018-04-12 01:30 - 000000000 ___DC C:\WINDOWS\CbsTemp
2020-01-20 12:52 - 2018-05-31 20:41 - 000003384 ____C C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3983255944-2224574574-1335531537-1001
2020-01-20 12:52 - 2018-05-31 18:35 - 000002373 ____C C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-20 12:52 - 2018-01-05 18:54 - 000000000 __RDC C:\Users\Samsung\OneDrive
2020-01-20 12:46 - 2018-05-31 20:41 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2020-01-20 12:46 - 2018-04-12 01:38 - 000000000 ___DC C:\ProgramData\regid.1991-06.com.microsoft
2020-01-20 12:46 - 2018-01-08 10:04 - 000000000 _SHDC C:\Users\Samsung\IntelGraphicsProfiles
2020-01-20 12:46 - 2018-01-05 19:08 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-01-18 01:52 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 00:32 - 2018-05-31 20:41 - 000003542 ____C C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-17 21:26 - 2018-05-31 18:34 - 000000000 ___DC C:\WINDOWS\system32\SleepStudy
2020-01-17 20:18 - 2018-05-31 20:41 - 000003396 ____C C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-17 20:18 - 2018-05-31 20:41 - 000003172 ____C C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-17 20:18 - 2018-05-31 20:41 - 000002280 ____C C:\WINDOWS\system32\Tasks\RTKCPL
2020-01-16 00:22 - 2018-01-31 20:09 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\uTorrent
2020-01-14 22:20 - 2018-08-30 21:11 - 000000000 ___DC C:\Users\Samsung\AppData\Local\D3DSCache
2020-01-14 20:27 - 2018-09-15 15:12 - 000000000 ___DC C:\Program Files (x86)\Steam
2020-01-13 20:23 - 2018-04-12 01:38 - 000000000 ___DC C:\WINDOWS\system32\NDF
2020-01-13 16:13 - 2019-09-18 19:58 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2020-01-10 20:36 - 2019-08-01 17:09 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\.minecraft
2020-01-10 19:28 - 2018-10-18 12:00 - 000000000 ___DC C:\Users\Samsung\AppData\Local\ElevatedDiagnostics
2020-01-10 19:24 - 2018-01-08 10:13 - 000002301 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-10 19:24 - 2018-01-08 10:13 - 000002260 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-09 16:33 - 2018-04-12 01:38 - 000000000 ___DC C:\WINDOWS\AppReadiness
2020-01-09 16:33 - 2018-01-05 20:34 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Packages
2020-01-08 21:32 - 2018-05-31 18:35 - 000000000 ___DC C:\Users\Samsung
2020-01-08 14:14 - 2019-10-09 16:03 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-08 14:14 - 2019-10-09 16:03 - 000000000 ___DC C:\ProgramData\Avira
2020-01-08 14:14 - 2019-10-09 16:03 - 000000000 ___DC C:\Program Files (x86)\Avira
2020-01-07 12:39 - 2018-04-12 01:38 - 000000000 __HDC C:\WINDOWS\ELAMBKUP
2020-01-07 00:21 - 2018-04-01 23:22 - 000000000 ___DC C:\ProgramData\Package Cache
2020-01-07 00:05 - 2019-08-13 22:14 - 000007601 ____C C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
2019-12-24 16:37 - 2018-05-31 20:43 - 000838564 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-23 20:36 - 2019-10-11 15:55 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Avira
 
==================== Files in the root of some directories ========
 
2019-08-13 22:14 - 2020-01-07 00:05 - 000007601 ____C () C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
 
 
And second :
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Samsung (20-01-2020 13:20:15)
Running from C:\Users\Samsung\Desktop
Windows 10 Home Version 1803 17134.1130 (X64) (2018-05-31 18:42:06)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3983255944-2224574574-1335531537-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3983255944-2224574574-1335531537-503 - Limited - Disabled)
Guest (S-1-5-21-3983255944-2224574574-1335531537-501 - Limited - Disabled)
Samsung (S-1-5-21-3983255944-2224574574-1335531537-1001 - Administrator - Enabled) => C:\Users\Samsung
WDAGUtilityAccount (S-1-5-21-3983255944-2224574574-1335531537-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
AVG TuneUp (HKLM-x32\...\{949BE04F-D7E8-4C19-9F89-8B304AB4308A}_is1) (Version: 19.1.1209 - AVG Technologies)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
iTunes (HKLM\...\{3D8C6B05-FE24-4B9C-A57C-B8E1FA39E83D}) (Version: 12.7.4.80 - Apple Inc.)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office Proofing Tools 2013 - latviešu (HKLM-x32\...\{90150000-001F-0426-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_1.8.2.0_x64__tf1gferkr813w [2018-11-14] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.3.301.0_x64__rz1tebttyb220 [2018-11-27] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2018-11-27] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-11-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x86__8wekyb3d8bbwe [2018-11-19] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe [2018-09-28] (Microsoft Corporation) [MS Ad]
Microsoft personas -> C:\Program Files\WindowsApps\Microsoft.People_10.1808.2473.0_x64__8wekyb3d8bbwe [2018-10-03] (Microsoft Corporation) [MS Ad]
Pasts un kalendārs -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe [2018-11-20] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0 [2018-11-28] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3983255944-2224574574-1335531537-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2020-01-14 20:24 - 2016-09-12 15:53 - 048936448 ____C () [File not signed] C:\Program Files (x86)\AVG\AVG TuneUp\libcef.dll
2018-01-08 10:16 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [232]
AlternateDataStreams: C:\Users\Samsung\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{D35DC9AF-BC2C-4C0C-9024-616F39164375}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9CD4242-ACE0-4C46-8CF4-C063C21B7C75}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ED2196E8-2E0F-4E1C-9B7D-8C4F53647E78}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C8610F04-7DC6-4260-BA64-F4184ED406FD}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C20485D1-229E-4CE1-B503-47043E6C9D08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CE7813A6-A78D-4FA2-85C3-37E08E075698}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{60FB9981-7D0A-4AE1-AF14-2F8007DEFBC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CFA58FC7-1BA7-47B4-AFAF-4799AA78C999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{FC1E589B-9B05-489D-A8EF-5862902923BE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{717B6DDF-701A-49C8-BC26-D5A1EB460901}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8541CDF7-1B8C-4F9F-B267-C7AF49ED19E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BDC153AA-6A33-43F5-B725-60339EB0B505}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC9590B3-9220-4EB8-9503-4B083210F045}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3EB3C10F-951E-42C6-AC63-9481C1AA021E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1338ABDA-4655-476C-AC8B-46C5488436FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11BEE9AB-9A3F-4B61-9EF7-F60040A00811}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81CD391B-508B-484A-8453-7070B5F39EEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA995C5B-2EB1-4084-B2D5-C759CFCA06B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{510C4E6E-7F92-4AC3-89AA-2ACF7A9B8B7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A6C6B8C6-1717-40E9-985F-B502C88D79DD}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Block) C:\program files (x86)\age of empires iii - complete collection\age3.exe No File
FirewallRules: [UDP Query User{FB0A938A-C98E-4552-A37D-B7E3A8388CD4}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Block) C:\program files (x86)\age of empires iii - complete collection\age3.exe No File
FirewallRules: [{A3F4DADF-9D25-4A61-85D1-5A5FF9C4D334}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{A304E60D-9CD8-40B8-BD71-936531CC57E2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{8495F65C-70E2-467B-925F-674320F5C2B1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{44494EFA-341A-49C9-A957-65102DEA89A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A6922EA9-2363-4AC4-8C56-9BBB3BBFCB27}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe (Ubisoft) [File not signed]
FirewallRules: [{7A9115C8-DC24-4471-879F-FF505ED1077C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe (Ubisoft) [File not signed]
FirewallRules: [{017BED67-8CA0-4CA6-9089-2550E1BA9C3F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe (Ubisoft) [File not signed]
FirewallRules: [{7C8120A3-DA99-4F92-B1C0-245C3145444C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe (Ubisoft) [File not signed]
FirewallRules: [{2416896A-1E31-48E9-B9AA-0F99D62690A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F5A4D5BC-7C8B-4905-A7A6-0DCA813AED36}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:110.46 GB) (Free:36.69 GB) (33%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/17/2020 08:23:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.17134.1006, time stamp: 0x0927d99e
Faulting module name: RltkAPO64.dll, version: 11.0.6000.434, time stamp: 0x5588e2ea
Exception code: 0xc0000005
Fault offset: 0x000000000019f64b
Faulting process ID: 0x25f4
Faulting application start time: 0x01d5cd6335c2ede9
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\system32\RltkAPO64.dll
Report ID: bef88aea-e7bd-4fe9-8ed7-df1cb2e9c5de
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/10/2020 08:53:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program java.exe version 8.0.2310.11 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2674
 
Start Time: 01d5c7e5839865c9
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Java\jre1.8.0_231\bin\java.exe
 
Report Id: 7737103d-7324-4433-b941-87af7fdef590
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (01/08/2020 02:12:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.17134.1006, time stamp: 0x0927d99e
Faulting module name: RltkAPO64.dll, version: 11.0.6000.434, time stamp: 0x5588e2ea
Exception code: 0xc0000005
Fault offset: 0x000000000019f64b
Faulting process ID: 0xce8
Faulting application start time: 0x01d5c61cc7c83315
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\system32\RltkAPO64.dll
Report ID: 47ad6ccf-edd7-47b8-afc7-f02da0e2cb9a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/08/2020 01:40:35 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
 
Error: (01/08/2020 01:40:33 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/07/2020 03:07:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.SystemSpeedup.Maintenance.exe, version: 6.2.0.10728, time stamp: 0x5d5519ea
Faulting module name: clr.dll, version: 4.7.3468.0, time stamp: 0x5d490e65
Exception code: 0xc0000409
Fault offset: 0x0056a4e7
Faulting process ID: 0xff0
Faulting application start time: 0x01d5c55b5a44f485
Faulting application path: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report ID: 0de51457-a405-4954-99b5-198e3d2ec1ba
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/06/2020 03:07:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.SystemSpeedup.Maintenance.exe, version: 6.2.0.10728, time stamp: 0x5d5519ea
Faulting module name: clr.dll, version: 4.7.3468.0, time stamp: 0x5d490e65
Exception code: 0xc0000409
Fault offset: 0x0056a4e7
Faulting process ID: 0x16f8
Faulting application start time: 0x01d5c4923012241b
Faulting application path: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report ID: bc623866-bccf-4db6-ab44-cc39dbb3e2e5
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/06/2020 02:06:13 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
 
 
System errors:
=============
Error: (01/20/2020 01:20:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
 and APPID 
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2020 12:51:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2020 12:48:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2020 12:46:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KJOTLCI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-KJOTLCI\Samsung SID (S-1-5-21-3983255944-2224574574-1335531537-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2020 12:46:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KJOTLCI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-KJOTLCI\Samsung SID (S-1-5-21-3983255944-2224574574-1335531537-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2020 12:46:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
 and APPID 
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2020 12:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/20/2020 12:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-11-21 00:08:20.902
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E0BD02EE-9004-4BB6-825F-3C591F11F810}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-11-19 12:20:57.000
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AEF9D042-19AA-46FD-88FA-C9E60CEB895F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-11-18 23:00:37.632
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {379DE291-3108-4225-A1E7-6E38D6C06D1A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-11-18 19:45:19.065
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9B259C62-14C5-4BC1-ADC1-6774C0689528}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-11-14 22:37:26.721
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AE8891AE-89EA-4925-BFB7-D89C24E14A92}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-10-17 19:02:25.694
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.277.1162.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2018-10-17 19:02:25.694
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.277.1162.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2018-10-11 12:18:50.669
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.277.881.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2020-01-20 13:20:38.948
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 13:20:38.943
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 13:20:19.957
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 13:20:19.848
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 13:16:10.970
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 13:16:10.966
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 13:15:40.677
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 13:15:40.672
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Phoenix Technologies Ltd. P04RAP 10/15/2012
Motherboard: SAMSUNG ELECTRONICS CO., LTD. NP300E5C-S03EE
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 76%
Total physical RAM: 3797.53 MB
Available physical RAM: 883.46 MB
Total Virtual: 4757.53 MB
Available Virtual: 1498.98 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:110.46 GB) (Free:36.69 GB) NTFS
 
\\?\Volume{b82e9ba2-aa72-4903-902d-ba65f553e4c5}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{8a28eb8c-429d-4c17-b440-f671e90de548}\ () (Fixed) (Total:0.77 GB) (Free:0.32 GB) NTFS
\\?\Volume{da1c40c4-0225-4eb7-aed2-1e86bf0a1011}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 30F49E2E)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements

#2
RKinner
Posted 20 January 2020 - 06:53 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Windows Defender should not work if you have another antivirus installed.  Your version of Win 10 is so old that the usual update doesn't work.  Try

going to

https://www.microsof...nload/windows10

click on Update Now.  Download and save then right click on the downloaded file and run as admin. Follow the instructions.  It will go faster if you pause your anti-virus


  • 0

#3
guru45
Posted 20 January 2020 - 07:11 AM

guru45

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Ok,thanks!

 

I have also this problem when starting pc - StartupCheckLibrary.dll and winscomrssrv.dll missing.


  • 0

#4
RKinner
Posted 20 January 2020 - 07:34 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Those are caused by two tasks that should have been removed in a previous update but Microsoft forgot.  This will fix it:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   878bytes   176 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

 


  • 0

#5
guru45
Posted 20 January 2020 - 09:09 AM

guru45

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Samsung (20-01-2020 17:04:19) Run:1
Running from C:\Users\Samsung\Desktop
Loaded Profiles: Samsung (Available Profiles: Samsung)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Task: {6277361C-4C29-402E-A738-E990B9557A50} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {DFFB2CCF-C94B-423E-8F65-CCED1DC13475} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6277361C-4C29-402E-A738-E990B9557A50}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6277361C-4C29-402E-A738-E990B9557A50}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DFFB2CCF-C94B-423E-8F65-CCED1DC13475}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFFB2CCF-C94B-423E-8F65-CCED1DC13475}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-RMS-MSIPC/Debug.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 17:05:01 ====

  • 0

#6
RKinner
Posted 20 January 2020 - 09:32 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks like it worked.  Go ahead and try the Win 10 upgrade. Then we'll check some other things.


  • 0

#7
guru45
Posted 20 January 2020 - 10:02 AM

guru45

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Its done. And now starting pc i dont see those missing errors.


  • 0

#8
RKinner
Posted 20 January 2020 - 10:05 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Let's check that your system files are OK:

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::


notepad %UserProfile%\desktop\junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 


  • 0

#9
guru45
Posted 20 January 2020 - 10:43 AM

guru45

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Afrer sfc run - Windows did not find any integrity violations.

 

And i cant run the app(VEW has not been coded for your language) How can i change it?


  • 0

#10
RKinner
Posted 20 January 2020 - 10:55 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Just do a FRST scan again with Addition.txt checked and post both logs.


  • 0

Advertisements

#11
guru45
Posted 20 January 2020 - 11:08 AM

guru45

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Samsung (administrator) on DESKTOP-KJOTLCI (SAMSUNG ELECTRONICS CO., LTD. 300E4C/300E5C/300E7C) (20-01-2020 19:04:21)
Running from C:\Users\Samsung\Desktop
Loaded Profiles: Samsung (Available Profiles: Samsung)
Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.26.14003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18111.17311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-03-18] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG TuneUp.lnk [2020-01-14]
ShortcutTarget: AVG TuneUp.lnk -> C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1294A8B8-18A7-4ECC-A501-302450F44524} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {193E2DF8-E3D1-4448-87C5-2BAC2D5CEE75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BF6CA4B-FFCD-48D6-9B3E-F90800159D25} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-08] (Google Inc -> Google Inc.)
Task: {3E3BE35E-E9EB-4F5F-839E-17991162C219} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-08] (Google Inc -> Google Inc.)
Task: {6521EC1B-2AD8-4C1B-9632-4D0356329B5F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {8B2E440F-0292-4863-A430-C450D5DCDAD2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {93AD4E58-0C83-46DE-B81D-F429A961A312} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {E09B057B-A8CE-4D95-BE4A-7BBB30BEF5FE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {E4C5EF46-8C55-470F-B65B-D1A186EAAB83} - System32\Tasks\AVG TuneUp Update => C:\Program Files (x86)\AVG\AVG TuneUp\TUNEUpdate.exe [1706528 2020-01-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {FD94B483-7D78-4727-A4A2-B7EDEE337D83} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{709160f6-0bf3-4104-9f17-9165e7b63aa6}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{82467e37-7202-42d9-96b8-1cdb114ef9b0}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{91e6740a-53fa-4e81-9bc8-5e7124b31d06}: [DhcpNameServer] 192.168.8.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
SearchScopes: HKU\S-1-5-21-3983255944-2224574574-1335531537-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\9KKv7aeX.default [2019-10-09]
FF Extension: (Avira Password Manager) - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\9KKv7aeX.default\Extensions\[email protected] [2019-10-09]
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsrc=HP_ss&mntrId=AC28001FD056D9BA
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsrc=HP_ss&mntrId=AC28001FD056D9BA","hxxp://websearch.pu-results.info/?pid=726&r=2013/03/09&hid=1471995205&lg=EN&cc=LV","","hxxp://google.lv/"
CHR Notifications: Default -> hxxps://e.olweb.tv; hxxps://en.softonic.com; hxxps://rutube.ru; hxxps://sport-tv.me; hxxps://tinder.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://ytmp3.cc
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default [2020-01-20]
CHR DownloadDir: C:\Users\Samsung\Desktop
CHR Extension: (Prezentācijas) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-08]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2018-01-08]
CHR Extension: (Dokumenti) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-08]
CHR Extension: (Google disks) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-08]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-08]
CHR Extension: (Izklājlapas) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-08]
CHR Extension: (Google dokumenti bezsaistē) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-08]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Chrome interneta veikala maksājumu sistēma) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-07]
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-07]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6307248 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110560 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 CleanupPSvc; C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel® pGFX -> Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37880 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205600 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [275232 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [210328 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [65376 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43512 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [171640 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111096 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84560 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [848688 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461216 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317304 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-11-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Samsung Electronics CO., LTD. -> Windows ® Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-20 18:42 - 2020-01-20 16:52 - 000000000 ___DC C:\Windows.old
2020-01-20 18:38 - 2020-01-20 18:38 - 000061440 ____C ( ) C:\Users\Samsung\Desktop\VEW.exe
2020-01-20 18:32 - 2020-01-20 18:42 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-01-20 18:31 - 2020-01-20 18:32 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-01-20 18:31 - 2020-01-20 18:31 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-01-20 18:27 - 2020-01-20 18:27 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-01-20 18:27 - 2020-01-20 18:27 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-01-20 18:27 - 2020-01-20 18:27 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-01-20 18:27 - 2020-01-20 18:27 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-01-20 18:27 - 2020-01-20 18:27 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-01-20 18:27 - 2020-01-20 18:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-01-20 18:27 - 2020-01-20 18:27 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-01-20 18:27 - 2020-01-20 18:27 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-01-20 18:27 - 2020-01-20 18:27 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-01-20 18:27 - 2020-01-20 18:27 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-01-20 18:26 - 2020-01-20 18:26 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-01-20 18:26 - 2020-01-20 18:26 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2020-01-20 18:22 - 2020-01-20 18:22 - 000000000 ____D C:\WINDOWS\system32\lv
2020-01-20 18:20 - 2020-01-20 18:20 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-01-20 18:20 - 2020-01-20 18:20 - 000000000 ____D C:\Program Files\MSBuild
2020-01-20 18:20 - 2020-01-20 18:20 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-20 18:20 - 2019-03-01 19:31 - 001166488 ____C (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-01-20 18:20 - 2019-03-01 19:31 - 000124568 ____C (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-01-20 18:20 - 2019-03-01 19:31 - 000035592 ____C (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-01-20 18:20 - 2019-02-05 20:41 - 000778912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-01-20 18:20 - 2019-02-05 20:41 - 000103072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-01-20 18:20 - 2019-02-05 20:41 - 000035592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-01-20 18:19 - 2019-03-18 21:21 - 000099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2020-01-20 18:19 - 2019-03-18 21:20 - 004470272 ____C (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-01-20 18:19 - 2019-03-18 21:16 - 000903168 ____C (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2020-01-20 18:19 - 2019-03-18 20:15 - 000081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2020-01-20 18:19 - 2019-03-18 20:09 - 000568320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2020-01-20 18:19 - 2019-03-18 17:19 - 005791744 ____C (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0026.dll
2020-01-20 18:19 - 2019-03-18 17:16 - 000180736 ____C (Microsoft Corporation) C:\WINDOWS\system32\NlsData0026.dll
2020-01-20 18:19 - 2019-03-18 17:08 - 000134656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0026.dll
2020-01-20 18:19 - 2019-03-18 17:05 - 001915392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2020-01-20 18:19 - 2019-03-18 17:00 - 001875968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS2.dll
2020-01-20 18:19 - 2019-03-01 19:33 - 000076060 ____C C:\WINDOWS\system32\xpsrchvw.xml
2020-01-20 18:19 - 2018-08-09 16:53 - 000076060 ____C C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-01-20 18:16 - 2020-01-20 18:16 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-20 18:16 - 2020-01-20 18:16 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-20 17:04 - 2020-01-20 17:05 - 000002467 ____C C:\Users\Samsung\Desktop\Fixlog.txt
2020-01-20 16:54 - 2020-01-20 16:54 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-01-20 16:53 - 2020-01-20 18:36 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 16:52 - 2020-01-20 18:29 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2020-01-20 16:52 - 2020-01-20 17:25 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-01-20 16:52 - 2020-01-20 16:52 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-20 16:52 - 2020-01-20 16:52 - 000003396 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-20 16:52 - 2020-01-20 16:52 - 000003172 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-20 16:52 - 2020-01-20 16:52 - 000003024 _____ C:\WINDOWS\system32\Tasks\AVG TuneUp Update
2020-01-20 16:52 - 2020-01-20 16:52 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3983255944-2224574574-1335531537-1001
2020-01-20 16:52 - 2020-01-20 16:52 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-01-20 16:52 - 2020-01-20 16:52 - 000000020 ___SH C:\Users\Samsung\ntuser.ini
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 SHDCL C:\Documents and Settings
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-01-20 16:51 - 2020-01-20 16:52 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-01-20 16:51 - 2020-01-20 16:52 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-01-20 16:47 - 2020-01-20 16:52 - 000000000 ____D C:\Users\Samsung
2020-01-20 16:47 - 2019-03-19 06:46 - 000001105 _____ C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-20 16:45 - 2019-10-07 04:57 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-01-20 16:43 - 2016-05-03 23:30 - 000081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2020-01-20 16:43 - 2016-05-03 23:30 - 000077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2020-01-20 16:42 - 2020-01-20 17:06 - 000443128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-20 16:42 - 2020-01-20 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-20 15:39 - 2020-01-20 16:52 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-20 15:07 - 2020-01-20 16:52 - 000000000 __HDC C:\$GetCurrent
2020-01-20 15:07 - 2020-01-20 16:52 - 000000000 ___DC C:\Windows10Upgrade
2020-01-20 15:07 - 2020-01-20 15:07 - 000000731 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2020-01-20 13:20 - 2020-01-20 13:21 - 000035550 ____C C:\Users\Samsung\Desktop\Addition.txt
2020-01-20 13:19 - 2020-01-20 19:05 - 000019392 ____C C:\Users\Samsung\Desktop\FRST.txt
2020-01-20 13:17 - 2020-01-20 19:04 - 000000000 ___DC C:\FRST
2020-01-20 13:14 - 2020-01-20 13:14 - 002572800 ____C (Farbar) C:\Users\Samsung\Desktop\FRST64.exe
2020-01-15 17:45 - 2020-01-15 17:45 - 000090478 ____C C:\Users\Samsung\Downloads\CV-Europass-20200115-Bērziņš-LV.pdf
2020-01-14 20:41 - 2020-01-14 20:41 - 000103978 ____C C:\Users\Samsung\Downloads\CV-Europass-20200114-Bērziņš-EN.pdf
2020-01-14 20:24 - 2020-01-20 18:42 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Technologies
2020-01-14 20:24 - 2020-01-14 20:24 - 000001188 ____C C:\Users\Public\Desktop\AVG TuneUp.lnk
2020-01-14 20:24 - 2020-01-14 20:24 - 000001188 ____C C:\ProgramData\Desktop\AVG TuneUp.lnk
2020-01-14 20:24 - 2020-01-14 20:24 - 000000000 ___DC C:\Program Files (x86)\AVG
2020-01-13 16:27 - 2020-01-13 16:27 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Ubisoft
2020-01-13 16:24 - 2020-01-13 16:24 - 000000000 ___DC C:\ProgramData\Ubisoft
2020-01-13 16:13 - 2020-01-13 16:13 - 000000000 ___DC C:\Program Files (x86)\Ubisoft
2020-01-10 20:35 - 2020-01-20 18:42 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-10 20:35 - 2020-01-10 20:35 - 000114232 ____C (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-10 20:35 - 2020-01-10 20:35 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Sun
2020-01-10 20:35 - 2020-01-10 20:35 - 000000000 ___DC C:\Program Files (x86)\Java
2020-01-10 20:28 - 2020-01-20 16:47 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2020-01-10 20:21 - 2020-01-15 16:45 - 000000000 ___DC C:\Users\Samsung\AppData\LocalLow\uTorrent
2020-01-09 14:52 - 2020-01-09 14:52 - 000000000 ___DC C:\Users\Samsung\Downloads\New folder
2020-01-07 12:41 - 2020-01-14 20:25 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\AVG
2020-01-07 12:41 - 2020-01-07 12:41 - 000002075 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000002063 ____C C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000002063 ____C C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Avg
2020-01-07 12:39 - 2020-01-07 12:40 - 000848688 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-01-07 12:39 - 2020-01-07 12:40 - 000461216 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-01-07 12:39 - 2020-01-07 12:40 - 000171640 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000355760 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-01-07 12:39 - 2020-01-07 12:39 - 000317304 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000275232 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000236288 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000210328 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000205600 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000111096 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000084560 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000065376 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000043512 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000037880 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000016520 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000000000 ___DC C:\Program Files\Common Files\AVG
2020-01-07 12:38 - 2020-01-20 16:07 - 000000000 ___DC C:\ProgramData\AVG
2020-01-07 12:38 - 2020-01-07 12:38 - 000000000 ___DC C:\Program Files\AVG
2020-01-04 19:16 - 2020-01-04 19:16 - 000000000 ___DC C:\Users\Samsung\Documents\My Games
2019-12-23 20:36 - 2019-12-23 20:36 - 000000000 ___DC C:\Users\Public\Security Sessions
2019-12-21 23:24 - 2019-12-21 23:24 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Windscribe
2019-12-21 23:24 - 2018-07-06 17:22 - 000054896 ____C (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-20 19:04 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-20 19:03 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-20 18:46 - 2018-01-08 10:04 - 000000000 _SHDC C:\Users\Samsung\IntelGraphicsProfiles
2020-01-20 18:45 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-01-20 18:45 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-20 18:42 - 2019-10-09 16:03 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-20 18:42 - 2019-06-21 20:12 - 000000000 ___DC C:\Program Files\UNP
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-20 18:42 - 2019-03-19 06:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-01-20 18:42 - 2018-09-15 15:12 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-20 18:42 - 2018-08-29 19:31 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2020-01-20 18:42 - 2018-04-30 19:12 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-01-20 18:42 - 2018-04-12 01:38 - 000000000 ___DC C:\WINDOWS\system32\Tasks_Migrated
2020-01-20 18:42 - 2018-04-12 01:38 - 000000000 ___DC C:\WINDOWS\system32\MsDtc
2020-01-20 18:42 - 2018-01-08 10:21 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-01-20 18:42 - 2018-01-08 10:20 - 000000000 ___DC C:\WINDOWS\SHELLNEW
2020-01-20 18:42 - 2018-01-08 10:17 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-20 18:42 - 2018-01-08 10:16 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-01-20 18:42 - 2018-01-05 19:07 - 000000000 ___DC C:\Program Files (x86)\NVIDIA Corporation
2020-01-20 18:41 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-01-20 18:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2020-01-20 18:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Resources
2020-01-20 18:33 - 2018-01-05 19:02 - 000000000 ___DC C:\WINDOWS\system32\SRSLabs
2020-01-20 18:32 - 2018-01-05 19:02 - 000000000 ___DC C:\Program Files\Realtek
2020-01-20 18:32 - 2018-01-05 18:59 - 000000000 ___DC C:\Program Files\Intel
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-20 18:29 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 18:29 - 2018-01-05 19:08 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-01-20 18:22 - 2019-03-19 13:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-01-20 18:22 - 2019-03-19 13:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-01-20 18:22 - 2019-03-19 13:35 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-01-20 18:22 - 2019-03-19 13:35 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-01-20 18:20 - 2019-03-19 07:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2020-01-20 18:20 - 2019-03-19 07:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2020-01-20 18:20 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2020-01-20 18:20 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2020-01-20 18:19 - 2019-03-19 06:56 - 000000000 ____D C:\WINDOWS\Setup
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-01-20 17:10 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-20 17:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-01-20 17:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-20 17:10 - 2018-08-30 22:19 - 000000000 ___DC C:\ProgramData\Packages
2020-01-20 17:10 - 2018-01-05 20:34 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Packages
2020-01-20 16:54 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-01-20 16:52 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-20 16:52 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-20 16:52 - 2018-01-08 10:04 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-01-20 16:52 - 2018-01-08 10:04 - 000000000 __RDC C:\Users\Samsung\3D Objects
2020-01-20 16:52 - 2018-01-05 18:52 - 000000000 _RHDC C:\Users\Public\AccountPictures
2020-01-20 16:52 - 2018-01-05 18:52 - 000000000 ___DC C:\Users\Samsung\AppData\Local\ConnectedDevicesPlatform
2020-01-20 16:50 - 2018-01-08 10:13 - 000002301 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-20 16:50 - 2018-01-08 10:13 - 000002260 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 16:50 - 2018-01-08 10:13 - 000002260 ____C C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-20 16:47 - 2018-04-30 19:59 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-01-20 16:47 - 2018-01-08 10:17 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-20 16:45 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-01-20 16:44 - 2018-01-05 19:02 - 000000000 ___DC C:\WINDOWS\SysWOW64\RTCOM
2020-01-20 16:44 - 2018-01-05 19:00 - 000000000 ___DC C:\Program Files\Elantech
2020-01-20 16:43 - 2018-01-05 19:07 - 000000000 ___DC C:\Program Files\NVIDIA Corporation
2020-01-20 15:38 - 2018-01-05 19:32 - 000000036 ____C C:\WINDOWS\progress.ini
2020-01-20 13:47 - 2018-04-30 19:11 - 000000000 ___DC C:\Program Files\Common Files\Apple
2020-01-20 13:47 - 2018-04-30 19:10 - 000000000 ___DC C:\ProgramData\Apple
2020-01-20 12:52 - 2018-05-31 18:35 - 000002373 ____C C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk
2020-01-20 12:52 - 2018-01-05 18:54 - 000000000 __RDC C:\Users\Samsung\OneDrive
2020-01-16 00:22 - 2018-01-31 20:09 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\uTorrent
2020-01-14 22:20 - 2018-08-30 21:11 - 000000000 ___DC C:\Users\Samsung\AppData\Local\D3DSCache
2020-01-14 20:27 - 2018-09-15 15:12 - 000000000 ___DC C:\Program Files (x86)\Steam
2020-01-13 16:13 - 2019-09-18 19:58 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2020-01-10 20:36 - 2019-08-01 17:09 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\.minecraft
2020-01-10 19:28 - 2018-10-18 12:00 - 000000000 ___DC C:\Users\Samsung\AppData\Local\ElevatedDiagnostics
2020-01-08 14:14 - 2019-10-09 16:03 - 000000000 ___DC C:\ProgramData\Avira
2020-01-08 14:14 - 2019-10-09 16:03 - 000000000 ___DC C:\Program Files (x86)\Avira
2020-01-07 00:21 - 2018-04-01 23:22 - 000000000 ___DC C:\ProgramData\Package Cache
2020-01-07 00:05 - 2019-08-13 22:14 - 000007601 ____C C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
2019-12-23 20:36 - 2019-10-11 15:55 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Avira
 
==================== Files in the root of some directories ========
 
2019-08-13 22:14 - 2020-01-07 00:05 - 000007601 ____C () C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Samsung (20-01-2020 19:05:45)
Running from C:\Users\Samsung\Desktop
Windows 10 Home Version 1909 18363.592 (X64) (2020-01-20 14:52:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3983255944-2224574574-1335531537-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3983255944-2224574574-1335531537-503 - Limited - Disabled)
Guest (S-1-5-21-3983255944-2224574574-1335531537-501 - Limited - Disabled)
Samsung (S-1-5-21-3983255944-2224574574-1335531537-1001 - Administrator - Enabled) => C:\Users\Samsung
WDAGUtilityAccount (S-1-5-21-3983255944-2224574574-1335531537-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
AVG TuneUp (HKLM-x32\...\{949BE04F-D7E8-4C19-9F89-8B304AB4308A}_is1) (Version: 19.1.1209 - AVG Technologies)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office Proofing Tools 2013 - latviešu (HKLM-x32\...\{90150000-001F-0426-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_1.8.2.0_x64__tf1gferkr813w [2018-11-14] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.3.301.0_x64__rz1tebttyb220 [2018-11-27] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2018-11-27] (Dolby Laboratories)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x86__8wekyb3d8bbwe [2018-11-19] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe [2018-09-28] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0 [2018-11-28] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3983255944-2224574574-1335531537-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2020-01-14 20:24 - 2016-09-12 15:53 - 048936448 ____C () [File not signed] C:\Program Files (x86)\AVG\AVG TuneUp\libcef.dll
2018-01-08 10:16 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [232]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F5A4D5BC-7C8B-4905-A7A6-0DCA813AED36}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{2416896A-1E31-48E9-B9AA-0F99D62690A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{7C8120A3-DA99-4F92-B1C0-245C3145444C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe (Ubisoft) [File not signed]
FirewallRules: [{017BED67-8CA0-4CA6-9089-2550E1BA9C3F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe (Ubisoft) [File not signed]
FirewallRules: [{7A9115C8-DC24-4471-879F-FF505ED1077C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe (Ubisoft) [File not signed]
FirewallRules: [{A6922EA9-2363-4AC4-8C56-9BBB3BBFCB27}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe (Ubisoft) [File not signed]
FirewallRules: [{44494EFA-341A-49C9-A957-65102DEA89A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8495F65C-70E2-467B-925F-674320F5C2B1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{A304E60D-9CD8-40B8-BD71-936531CC57E2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{A3F4DADF-9D25-4A61-85D1-5A5FF9C4D334}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [UDP Query User{FB0A938A-C98E-4552-A37D-B7E3A8388CD4}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Block) C:\program files (x86)\age of empires iii - complete collection\age3.exe No File
FirewallRules: [TCP Query User{A6C6B8C6-1717-40E9-985F-B502C88D79DD}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Block) C:\program files (x86)\age of empires iii - complete collection\age3.exe No File
FirewallRules: [{510C4E6E-7F92-4AC3-89AA-2ACF7A9B8B7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AA995C5B-2EB1-4084-B2D5-C759CFCA06B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81CD391B-508B-484A-8453-7070B5F39EEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11BEE9AB-9A3F-4B61-9EF7-F60040A00811}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1338ABDA-4655-476C-AC8B-46C5488436FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3EB3C10F-951E-42C6-AC63-9481C1AA021E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC9590B3-9220-4EB8-9503-4B083210F045}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BDC153AA-6A33-43F5-B725-60339EB0B505}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8541CDF7-1B8C-4F9F-B267-C7AF49ED19E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{717B6DDF-701A-49C8-BC26-D5A1EB460901}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FC1E589B-9B05-489D-A8EF-5862902923BE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CFA58FC7-1BA7-47B4-AFAF-4799AA78C999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{60FB9981-7D0A-4AE1-AF14-2F8007DEFBC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CE7813A6-A78D-4FA2-85C3-37E08E075698}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C20485D1-229E-4CE1-B503-47043E6C9D08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C8610F04-7DC6-4260-BA64-F4184ED406FD}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{ED2196E8-2E0F-4E1C-9B7D-8C4F53647E78}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:110.46 GB) (Free:32.43 GB) (29%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/20/2020 06:36:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 026 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error: (01/20/2020 05:27:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 026 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error: (01/20/2020 05:19:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.449 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1c30
 
Start Time: 01d5cfa4b3121db3
 
Termination Time: 4294967295
 
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
Report Id: 5f908dda-96b7-418d-a0c6-51930e9683eb
 
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
 
Hang type: Quiesce
 
Error: (01/20/2020 05:16:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.449 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1440
 
Start Time: 01d5cfa455f5a9c2
 
Termination Time: 4294967295
 
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
Report Id: 4aaae4ba-1bd6-4ce6-8581-9f02c3f85e70
 
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
 
Hang type: Quiesce
 
Error: (01/20/2020 05:11:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 026 language ID. The first DWORD in the Data section contains the Win32 error code.
 
 
System errors:
=============
Error: (01/20/2020 06:50:39 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-KJOTLCI)
Description: The activation of the CLSID Windows.Media.Capture.Internal.AppCaptureShell timed out waiting for the service BcastDVRUserService_4f5ea6 to stop.
 
Error: (01/20/2020 06:45:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KJOTLCI)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_2de55 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BcastDVRUserService_2de55 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BcastDVRUserService_2de55 service to connect.
 
Error: (01/20/2020 06:45:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KJOTLCI)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_2de55 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BcastDVRUserService_2de55 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BcastDVRUserService_2de55 service to connect.
 
Error: (01/20/2020 05:05:46 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KJOTLCI)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_252eaa with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
 
 
Windows Defender:
===================================
Date: 2020-01-20 17:05:35.765
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7C438278-9A2F-4850-A3D0-BBEE6E395654}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
CodeIntegrity:
===================================
 
Date: 2020-01-20 19:02:48.589
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 19:02:48.584
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 19:02:48.286
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 19:02:48.281
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 19:02:33.901
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 19:02:33.896
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 19:01:13.002
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-20 19:01:12.996
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Phoenix Technologies Ltd. P04RAP 10/15/2012
Motherboard: SAMSUNG ELECTRONICS CO., LTD. NP300E5C-S03EE
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 81%
Total physical RAM: 3797.53 MB
Available physical RAM: 703.73 MB
Total Virtual: 4757.53 MB
Available Virtual: 1444.59 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:110.46 GB) (Free:32.43 GB) NTFS
 
\\?\Volume{b82e9ba2-aa72-4903-902d-ba65f553e4c5}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{8a28eb8c-429d-4c17-b440-f671e90de548}\ () (Fixed) (Total:0.77 GB) (Free:0.26 GB) NTFS
\\?\Volume{da1c40c4-0225-4eb7-aed2-1e86bf0a1011}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 30F49E2E)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#12
RKinner
Posted 20 January 2020 - 11:51 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

You have a strange error where it complains about

BcastDVRUserService .

 

Not sure what is causing it.  I thought the thing only ran to record games when you were playing Xbox.

https://www.howtogee...nning-on-my-pc/

 

Let's run Process Explorer and make sure nothing is using the CPU:

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.

I'm going to take a nap so if you want something to do for the next hour or two run MBAR to rule out any infection I can't see:

 

Go to

https://www.malwareb...om/antirootkit/

Click on Download.  Save the file then Right click and Run As Admin.  Just follow the instructions from there.


  • 0

#13
guru45
Posted 20 January 2020 - 12:25 PM

guru45

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
So,this is from Process Explorer:
 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 84.02 60 K 8 K 0
SettingSyncHost.exe 10.15 8,392 K 22,004 K 4444 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 2.24 35,740 K 73,880 K 11848 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
explorer.exe 0.50 90,980 K 156,360 K 8260 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.49 42,132 K 56,864 K 10572 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.44 8,908 K 15,008 K 1112 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.42 4,032 K 16,204 K 4132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
Interrupts 0.23 0 K 0 K n/a Hardware Interrupts and DPCs
System 0.23 192 K 128 K 4
nvtray.exe 0.19 5,792 K 14,992 K 10128 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
svchost.exe 0.16 4,136 K 9,432 K 2872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe 0.14 2,448 K 5,312 K 9988 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
AVGUI.exe 0.12 35,692 K 57,592 K 5256 AVG Internet Security System  AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, Inc.
chrome.exe 0.11 92,664 K 152,240 K 4060 Google Chrome Google LLC (Verified) Google LLC
AVGSvc.exe 0.09 134,480 K 56,900 K 3532 AVG Internet Security System  Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, Inc.
RuntimeBroker.exe 0.09 9,064 K 32,324 K 2188 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
services.exe 0.08 5,452 K 9,604 K 932 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher
aswidsagent.exe 0.07 30,380 K 42,528 K 6980 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, Inc.
svchost.exe 0.03 3,080 K 10,180 K 1968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
chrome.exe 0.03 97,836 K 115,880 K 3640 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 0.03 70,024 K 101,300 K 8580 Google Chrome Google LLC (Verified) Google LLC
svchost.exe 0.02 4,648 K 15,444 K 9716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.02 2,232 K 8,376 K 292 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.02 11,976 K 28,604 K 508 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.02 6,108 K 16,212 K 3400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
chrome.exe 0.01 28,596 K 46,376 K 2564 Google Chrome Google LLC (Verified) Google LLC
taskhostw.exe 0.01 5,596 K 14,892 K 5384 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe < 0.01 16,508 K 50,392 K 844 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 3,172 K 9,480 K 3136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,792 K 8,308 K 1164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchIndexer.exe < 0.01 32,272 K 42,988 K 3360 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 9,308 K 29,508 K 9776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 17,664 K 30,508 K 7088 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 6,452 K 16,796 K 4220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 10,040 K 20,408 K 4936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
igfxCUIService.exe < 0.01 3,812 K 12,272 K 2644 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX
svchost.exe < 0.01 2,512 K 8,668 K 5008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
lsass.exe < 0.01 6,548 K 14,256 K 948 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,664 K 8,384 K 9040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,704 K 10,676 K 1420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 5,320 K 21,496 K 5204 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
nvxdsync.exe < 0.01 10,220 K 24,720 K 5648 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
svchost.exe < 0.01 7,060 K 24,256 K 9844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
TuneupSvc.exe < 0.01 39,668 K 53,048 K 4832 AVG TuneUp Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, Inc.
svchost.exe < 0.01 2,600 K 11,980 K 3540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
wsc_proxy.exe 2,528 K 9,684 K 2268 AVG Internet Security System  remediation exe AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, Inc.
WmiPrvSE.exe 25,388 K 33,704 K 9292 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,764 K 11,848 K 2224 Windows Log-on Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,516 K 6,284 K 776 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe 13,200 K 39,876 K 8496 WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe Microsoft Corporation (Verified) Microsoft Windows
Video.UI.exe Suspended 23,148 K 10,664 K 8632 (No signature was present in the subject)
unsecapp.exe 1,408 K 6,652 K 7808 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
TuneupUI.exe 48,468 K 14,764 K 3588 AVG TuneUp UI AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, Inc.
taskhostw.exe 5,600 K 15,484 K 2448 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,360 K 24,648 K 4104 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,824 K 22,348 K 7600 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,928 K 18,644 K 4588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,544 K 13,612 K 2296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,412 K 9,080 K 11032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,552 K 12,276 K 2516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,976 K 6,372 K 3144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,060 K 7,392 K 3504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,876 K 7,332 K 2716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,116 K 7,152 K 3320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,628 K 5,816 K 1460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 15,096 K 15,916 K 1868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 27,944 K 32,952 K 2052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,544 K 19,040 K 3752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,056 K 8,692 K 2764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,448 K 7,420 K 2180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,852 K 8,572 K 1376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,348 K 5,636 K 2332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,840 K 12,312 K 5720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,076 K 11,472 K 7800 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,300 K 7,732 K 2252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,044 K 11,744 K 1776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,828 K 25,904 K 6304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,416 K 9,620 K 2696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,088 K 8,432 K 2536 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,996 K 9,796 K 6744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,272 K 11,748 K 1428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,508 K 13,180 K 2288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 12,172 K 19,496 K 2616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,772 K 12,608 K 4116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,588 K 21,240 K 1336 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,996 K 7,648 K 6440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,800 K 9,656 K 1388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,188 K 7,668 K 1396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,420 K 7,500 K 3000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 956 K 3,712 K 788 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,364 K 11,624 K 1380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,844 K 15,128 K 1628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,776 K 11,752 K 1648 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,176 K 7,784 K 1672 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,568 K 6,912 K 1892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,636 K 6,948 K 2312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,344 K 9,192 K 2388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,472 K 9,936 K 2488 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,964 K 7,832 K 2704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,804 K 17,744 K 2456 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,852 K 7,676 K 4152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,632 K 5,912 K 5144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,300 K 5,276 K 5164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,692 K 6,500 K 5196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,336 K 5,084 K 5360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,648 K 10,916 K 5540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,360 K 9,264 K 2172 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,800 K 14,320 K 4388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,828 K 6,912 K 8184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,552 K 9,756 K 9264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,280 K 18,284 K 888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,788 K 6,072 K 3188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,932 K 7,136 K 2928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,596 K 5,752 K 2484 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe 32,160 K 67,704 K 4028 (Verified) Microsoft Windows
spoolsv.exe 5,452 K 11,628 K 4004 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 1,164 K 1,072 K 444 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher
sihost.exe 6,504 K 26,504 K 5176 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 21,752 K 48,408 K 10692 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SgrmBroker.exe 3,428 K 6,148 K 8740 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SecurityHealthSystray.exe 2,804 K 12,076 K 9960 Windows Security notification icon Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe 5,216 K 16,496 K 8888 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchUI.exe Suspended 134,020 K 92,476 K 6872 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,920 K 25,464 K 10288 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 6,288 K 25,192 K 11140 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 4,536 K 21,624 K 10208 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,892 K 27,504 K 7652 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
Registry 7,356 K 43,976 K 96
RAVCpl64.exe 4,308 K 14,012 K 10672 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 4,560 K 11,188 K 9224 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 19,048 K 10,268 K 3964 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
NVDisplay.Container.exe 2,992 K 10,148 K 4908 NVIDIA Container NVIDIA Corporation (Verified) NVIDIA Corporation
Memory Compression 268 K 43,392 K 2496
LockApp.exe Suspended 14,468 K 37,980 K 10328 LockApp.exe Microsoft Corporation (Verified) Microsoft Windows
igfxTray.exe 8,180 K 13,336 K 4872 igfxTray Module Intel Corporation (Verified) Intel® pGFX
igfxHK.exe 5,668 K 10,016 K 9568 igfxHK Module Intel Corporation (Verified) Intel® pGFX
igfxEM.exe 7,616 K 14,848 K 10432 igfxEM Module Intel Corporation (Verified) Intel® pGFX
GameBar.exe 13,464 K 39,240 K 4784 (No signature was present in the subject)
fontdrvhost.exe 2,388 K 5,724 K 8380 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
fontdrvhost.exe 1,532 K 2,792 K 968 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
ETDTouch.exe 2,396 K 7,296 K 2244 ETDTouch ELAN Microelectronics Corp. (Verified) ELAN Microelectronics Corporation
ETDService.exe 1,124 K 5,088 K 4200 Elan Service ELAN Microelectronics Corp. (Verified) ELAN Microelectronics Corporation
ETDCtrlHelper.exe 2,880 K 9,492 K 5668 ETD Control Center Helper ELAN Microelectronics Corp. (Verified) ELAN Microelectronics Corporation
ETDCtrl.exe 7,848 K 22,516 K 10832 ETD Control Center ELAN Microelectronics Corp. (Verified) ELAN Microelectronics Corporation
dllhost.exe 2,132 K 8,200 K 6612 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 4,804 K 12,540 K 9692 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dasHost.exe 5,932 K 16,164 K 2548 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows
ctfmon.exe 7,024 K 17,256 K 10308 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 1,948 K 4,864 K 684 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
chrome.exe 14,632 K 30,860 K 4540 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 13,040 K 20,872 K 3816 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 112,720 K 128,600 K 4516 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 38,096 K 57,244 K 6372 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 34,240 K 55,348 K 4692 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 2,104 K 7,184 K 8880 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 2,392 K 9,416 K 872 Google Chrome Google LLC (Verified) Google LLC
AVGUI.exe 14,348 K 33,308 K 10420 AVG Internet Security System  AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, Inc.
ApplicationFrameHost.exe 4,968 K 24,972 K 10516 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows

  • 0

#14
guru45
Posted 20 January 2020 - 12:50 PM

guru45

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

And after running MBAR everything is ok, no additional threats were found.


  • 0

#15
RKinner
Posted 20 January 2020 - 03:13 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
SettingSyncHost.exe 10.15

 

 

This should not be so high.  The purpose of this process is to synchronize the settings on all of your Windows devices so the look and feel remains constant.  Don't know why anyone would want it running - expect MS are trying to make Windows look and act more like Apple products.

 

Easiest thing to do is just turn it off.

Open Settings > Accounts > Sync Your Settings then just move the top Sync Settings button to Off (not blue)

 

Alternatively you can run Shutup 10 which will disable Sync Settings and most of the other unneeded ad and spyware  including Cortana that comes with Windows.

This will cut down on MS using your bandwidth and CPU for their own purposes.

 

Download OOSU10.exe:

https://www.oo-softw...com/en/shutup10

Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then Right click and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.

Close the program and reboot.

After each major update it's wise to rerun the program and Revert the changes.

 

How is it running now?  Any problems?


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP