Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by magic (administrator) on PC-MAROS2 (30-10-2017 10:44:56)
Running from C:\Users\magic\Desktop
Loaded Profiles: magic (Available Profiles: magic)
Platform: Windows 10 Home Version 1709 16299.19 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(QILING Tech Co., Ltd.) C:\Program Files\QILING\Disk Master\DmAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
() C:\Windows\SearchIndexer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
() C:\Windows\SearchIndexer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(QILING Tech Co., Ltd.) C:\Program Files\QILING\Disk Master\DiskMasterUI.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11709.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [Disk Master] => C:\Program Files\QILING\Disk Master\DiskMasterUI.exe [3034936 2017-03-02] (QILING Tech Co., Ltd.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 [0 2017-10-28] ()
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0 [0 2017-10-28] ()
HKU\S-1-5-21-1669932023-430582617-490883366-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64000 2017-08-27] (Lamantine Software a.s.)
HKU\S-1-5-21-1669932023-430582617-490883366-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1669932023-430582617-490883366-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0a75684b-e655-40b0-ac69-3b9337e7e6d4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1669932023-430582617-490883366-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
HKU\S-1-5-21-1669932023-430582617-490883366-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {2826AD68-4546-4F34-BAFB-549A7D315C43} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {729D1A4C-096B-4BC0-A23D-DA6C1352E0F8} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {73B2C306-A5ED-445E-AB53-E8D4F7625718} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {73E776C5-76B7-4BF0-BD80-040AFDF6F6F8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {895E200F-47AC-49A3-A728-D84A0D86AE0B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {92B00B78-7E73-44DB-ABBF-E656D29C941C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {B434D111-3F79-4403-BA12-262AA05EBDC3} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {D2D1D6AF-1788-4475-8964-3764CBB3C333} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1669932023-430582617-490883366-1001 -> {F5CA5233-C8A7-4DFE-A4A3-6AFC9A5D3EF9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)

FireFox:
========
FF DefaultProfile: s0vmwc0w.default-1509132839790
FF ProfilePath: C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790 [2017-10-30]
FF Homepage: Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790 -> about:home
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790\Extensions\cs@dictionaries.addons.mozilla.org [2017-10-28]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790\Extensions\langpack-cs@firefox.mozilla.org.xpi [2017-10-28]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-10-28]
FF Extension: (Download Manager (S3)) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790\Extensions\s3download@statusbar.xpi [2017-10-27]
FF Extension: (Slovníky slovenského pravopisu) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790\Extensions\sk@dictionaries.addons.mozilla.org [2017-10-28]
FF Extension: (Sticky Password extension) - C:\Users\magic\AppData\Roaming\Mozilla\Firefox\Profiles\s0vmwc0w.default-1509132839790\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2017-10-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\2384875.js [2017-10-26] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\2384875.cfg [2017-10-26] <==== ATTENTION

Chrome: 
=======
CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default [2017-10-29]
CHR Extension: (Prezentace) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-05]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-10-29]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-10-29]
CHR Extension: (YouTube) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-05]
CHR Extension: (Sticky Password extension) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2017-08-13]
CHR Extension: (Tabulky) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-10-29]
CHR Extension: (Gmail) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\magic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 DmAgent; C:\Program Files\QILING\Disk Master\DmAgent.exe [67384 2017-03-02] (QILING Tech Co., Ltd.)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2210424 2017-08-20] (Intel Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
S3 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 Windows Indexer; C:\WINDOWS\SearchIndexer.exe [64512 2017-10-26] () [File not signed]
R2 VssProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{2F4433C6-F594-4791-8326-C21CC4C46403}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4318648 2017-07-02] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101888 2017-07-02] (ASUS Corporation)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [609696 2017-07-02] (Qualcomm)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 diskbckp; C:\WINDOWS\System32\drivers\diskbckp.sys [44856 2017-03-02] (QILING Tech Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [67968 2017-08-20] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [66432 2017-08-20] (Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-12-31] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-12-31] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [355200 2017-08-20] (Intel Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-02] (ELAN Microelectronic Corp.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-12-25] (Glarysoft Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31120 2017-07-02] (ASUS)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-12-25] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2017-02-20] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2017-02-20] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1009120 2017-10-21] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [781792 2017-07-02] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 STIrUsb; C:\WINDOWS\System32\drivers\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-25] (AVG Netherlands B.V.)
R3 vDisk; C:\WINDOWS\System32\drivers\vDisk.sys [256312 2017-03-02] (QILING Tech Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Advanced SystemCare\OpenHardwareMonitorLib.sys [14544 2017-07-05] (OpenLibSys.org)
S3 X86BDA; C:\WINDOWS\system32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( ) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-30 10:42 - 2017-10-30 10:42 - 000011491 _____ C:\Users\magic\Desktop\FRST.rar
2017-10-30 10:38 - 2017-10-30 10:45 - 000022477 _____ C:\Users\magic\Desktop\FRST.txt
2017-10-28 14:56 - 2017-10-28 14:57 - 000000000 ____D C:\Users\magic\Desktop\0
2017-10-28 06:58 - 2017-10-28 06:58 - 002403328 _____ (Farbar) C:\Users\magic\Desktop\FRST64.exe
2017-10-27 20:34 - 2017-10-27 20:34 - 000000000 ____D C:\Users\magic\Desktop\Původní data aplikace Firefox
2017-10-26 19:18 - 2017-02-20 20:35 - 003281408 _____ C:\WINDOWS\system32\pwNative.exe
2017-10-26 19:18 - 2017-02-20 20:35 - 000019152 _____ C:\WINDOWS\system32\pwdrvio.sys
2017-10-26 19:18 - 2017-02-20 20:35 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
2017-10-26 19:16 - 2017-10-26 19:16 - 000000000 ____D C:\Users\magic\Downloads\MiniTool Power Data Recovery 6.6 Full + Serial Keys
2017-10-26 19:15 - 2017-10-26 19:15 - 006346087 _____ C:\Users\magic\Downloads\MiniTool Power Data Recovery 6.6 Full + Serial Keys.zip
2017-10-26 19:03 - 2017-10-26 19:03 - 000002912 _____ C:\Users\magic\Downloads\MiniTool_PowerData_Recovery_7_Crack.xht
2017-10-26 18:41 - 2017-10-26 18:42 - 024317408 _____ (MiniTool Solution Ltd. ) C:\Users\magic\Downloads\pdr75free.exe
2017-10-26 17:46 - 2017-10-26 17:46 - 005100522 _____ (www.z-a-recovery.com ) C:\Users\magic\Downloads\zarXsetup.exe
2017-10-26 16:29 - 2017-10-26 16:29 - 003350848 _____ (iBoysoft Data Recovery ) C:\Users\magic\Downloads\iboysoftdatarecovery.exe
2017-10-26 16:29 - 2017-10-26 16:29 - 000001406 _____ C:\Users\magic\Desktop\iBoysoft Data Recovery.lnk
2017-10-26 16:29 - 2017-10-26 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iBoysoft Data Recovery Free
2017-10-26 16:29 - 2017-10-26 16:29 - 000000000 ____D C:\Program Files (x86)\iBoysoft
2017-10-26 16:25 - 2017-10-26 16:26 - 003781016 _____ (M3 Data Recovery ) C:\Users\magic\Downloads\m3datarecoveryfree.exe
2017-10-26 16:09 - 2017-10-26 19:30 - 000000000 ____D C:\Program Files (x86)\M3 Software
2017-10-26 16:09 - 2017-10-26 16:09 - 000064512 _____ C:\WINDOWS\SearchIndexer.exe
2017-10-26 16:08 - 2017-10-26 16:12 - 003622088 _____ (M3 Data Recovery ) C:\Users\magic\Downloads\m3rawdriverecovery.exe
2017-10-26 16:06 - 2017-10-26 16:06 - 003490511 _____ (iData Recovery ) C:\Users\magic\Downloads\raw_partition_recovery.exe
2017-10-25 15:35 - 2017-10-25 15:46 - 000000000 ____D C:\Users\magic\AppData\Roaming\WhatsApp
2017-10-25 15:35 - 2017-10-25 15:35 - 000002263 _____ C:\Users\magic\Desktop\WhatsApp.lnk
2017-10-25 15:35 - 2017-10-25 15:35 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-10-25 15:33 - 2017-10-25 15:34 - 076363776 _____ (WhatsApp) C:\Users\magic\Downloads\WhatsAppSetup.exe
2017-10-23 05:12 - 2017-10-23 05:12 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-10-22 18:55 - 2017-10-22 18:55 - 000480800 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2017-10-22 18:33 - 2017-10-22 18:33 - 003490608 _____ (iData Recovery ) C:\Users\magic\Downloads\free_raw_partition_recovery.exe
2017-10-22 15:40 - 2017-10-22 15:18 - 000000000 ____D C:\Windows.old
2017-10-22 15:37 - 2017-10-22 15:40 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-10-22 15:37 - 2017-10-22 15:37 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1669932023-430582617-490883366-1001
2017-10-22 15:36 - 2017-10-22 15:38 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-10-22 15:36 - 2017-10-22 15:36 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-10-22 15:34 - 2017-10-22 15:34 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 023664128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 021752832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 019343360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 018913792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 017080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 008592280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-22 15:34 - 2017-10-22 15:34 - 008097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 006032896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 004744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 003681280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 003672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 003312432 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 002474080 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001633744 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001528912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-22 15:34 - 2017-10-22 15:34 - 001165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-22 15:34 - 2017-10-22 15:34 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-22 15:34 - 2017-10-22 15:34 - 000769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-22 15:34 - 2017-10-22 15:34 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000045976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-22 15:34 - 2017-10-22 15:34 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-22 15:34 - 2017-10-22 15:34 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-10-22 15:32 - 2017-10-22 15:32 - 000000000 ___HD C:\Users\magic\MicrosoftEdgeBackups
2017-10-22 15:31 - 2017-10-22 15:31 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-10-22 15:31 - 2017-10-22 15:31 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-10-22 15:31 - 2017-10-22 15:31 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-10-22 15:31 - 2017-10-22 15:31 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-10-22 15:31 - 2017-10-22 15:31 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-10-22 15:31 - 2017-10-22 15:31 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-10-22 15:31 - 2017-10-22 15:31 - 000000020 ___SH C:\Users\magic\ntuser.ini
2017-10-22 15:31 - 2017-10-22 15:31 - 000000000 ___RD C:\Users\magic\3D Objects
2017-10-22 15:31 - 2017-10-22 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-10-22 15:31 - 2017-10-22 15:31 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-10-22 15:31 - 2017-10-22 15:31 - 000000000 ____D C:\Program Files\MSBuild
2017-10-22 15:31 - 2017-10-22 15:31 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-10-22 15:31 - 2017-10-22 15:31 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-10-22 15:29 - 2017-10-22 15:29 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-10-22 15:29 - 2017-10-22 15:29 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-10-22 15:29 - 2017-10-22 15:29 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-10-22 15:29 - 2017-10-22 15:29 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-10-22 15:29 - 2017-10-22 15:29 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-10-22 15:14 - 2017-10-22 15:16 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-10-22 15:14 - 2017-10-22 15:16 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-10-22 15:13 - 2017-10-30 10:40 - 000004196 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6BE83CE7-7507-4F17-8B02-C9BD60F8AFD1}
2017-10-22 15:13 - 2017-10-30 08:03 - 000003026 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (magic)
2017-10-22 15:13 - 2017-10-30 07:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-22 15:13 - 2017-10-29 20:54 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-10-22 15:13 - 2017-10-25 15:21 - 000004606 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-22 15:13 - 2017-10-25 15:21 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-10-22 15:13 - 2017-10-22 15:13 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-10-22 15:13 - 2017-10-22 15:13 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-10-22 15:13 - 2017-10-22 15:13 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-22 15:13 - 2017-10-22 15:13 - 000003028 _____ C:\WINDOWS\System32\Tasks\Update Checker
2017-10-22 15:13 - 2017-10-22 15:13 - 000002994 _____ C:\WINDOWS\System32\Tasks\Zoolz Start Backup
2017-10-22 15:13 - 2017-10-22 15:13 - 000002984 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2017-10-22 15:13 - 2017-10-22 15:13 - 000002922 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2017-10-22 15:13 - 2017-10-22 15:13 - 000002890 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-10-22 15:13 - 2017-10-22 15:13 - 000002880 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-10-22 15:13 - 2017-10-22 15:13 - 000002684 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2017-10-22 15:13 - 2017-10-22 15:13 - 000002634 _____ C:\WINDOWS\System32\Tasks\IntelBootstrapCCDashExe
2017-10-22 15:13 - 2017-10-22 15:13 - 000002626 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2017-10-22 15:13 - 2017-10-22 15:13 - 000002586 _____ C:\WINDOWS\System32\Tasks\{C072F092-DC6D-48E3-8580-4D8705426C25}
2017-10-22 15:13 - 2017-10-22 15:13 - 000002584 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2017-10-22 15:13 - 2017-10-22 15:13 - 000002564 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-10-22 15:13 - 2017-10-22 15:13 - 000002460 _____ C:\WINDOWS\System32\Tasks\{EE1D8E6C-8599-45E3-84BF-12492E5F29D6}
2017-10-22 15:13 - 2017-10-22 15:13 - 000002446 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2017-10-22 15:13 - 2017-10-22 15:13 - 000002442 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2017-10-22 15:13 - 2017-10-22 15:13 - 000002400 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2017-10-22 15:13 - 2017-10-22 15:13 - 000002350 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_magic
2017-10-22 15:13 - 2017-10-22 15:13 - 000002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2017-10-22 15:13 - 2017-10-22 15:13 - 000002330 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2017-10-22 15:13 - 2017-10-22 15:13 - 000002302 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-10-22 15:13 - 2017-10-22 15:13 - 000002274 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2017-10-22 15:13 - 2017-10-22 15:13 - 000002274 _____ C:\WINDOWS\System32\Tasks\{C786F637-C81A-4531-B282-204987735C68}
2017-10-22 15:13 - 2017-10-22 15:13 - 000002222 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2017-10-22 15:13 - 2017-10-22 15:13 - 000002038 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-10-22 15:13 - 2017-10-22 15:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-10-22 15:13 - 2017-10-22 15:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2017-10-22 15:13 - 2017-10-22 15:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-10-22 15:13 - 2017-10-22 15:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Abelssoft
2017-10-22 15:09 - 2017-10-29 16:03 - 002105662 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-22 14:54 - 2017-10-22 14:54 - 000000000 ____D C:\ProgramData\USOShared
2017-10-22 14:52 - 2017-10-22 14:52 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-10-22 14:49 - 2017-10-22 15:32 - 000000000 ____D C:\Users\magic
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Šablony
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Soubory cookie
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Poslední
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Okolní tiskárny
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Okolní síť
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Nabídka Start
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Dokumenty
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Documents\Obrázky
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Documents\Hudba
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Documents\Filmy
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\Data aplikací
2017-10-22 14:49 - 2017-10-22 14:49 - 000000000 _SHDL C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-10-22 14:46 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-10-22 14:46 - 2016-11-30 21:59 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-10-22 14:46 - 2016-11-30 21:58 - 000103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-10-22 14:43 - 2017-10-30 10:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-22 14:43 - 2017-10-22 15:04 - 000475184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-22 09:55 - 2017-10-22 09:55 - 000000217 _____ C:\Users\magic\Desktop\KEY.txt
2017-10-22 09:38 - 2017-10-22 09:40 - 000000000 ____D C:\ProgramData\Acronis
2017-10-22 09:16 - 2017-10-22 09:24 - 303552672 _____ (Acronis) C:\Users\magic\Downloads\ADD12_trial_cs-CZ.exe
2017-10-22 07:08 - 2017-10-22 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
2017-10-22 07:08 - 2017-10-22 07:08 - 000001127 _____ C:\Users\magic\Desktop\Hard Disk Low Level Format Tool.lnk
2017-10-22 07:08 - 2017-10-22 07:08 - 000000000 ____D C:\Program Files (x86)\HDDGURU LLF Tool
2017-10-22 07:07 - 2017-10-22 07:07 - 000777183 _____ (HDDGURU ) C:\Users\magic\Downloads\HDDLLFsetup.4.40.exe
2017-10-22 06:59 - 2017-10-22 06:59 - 000000000 ____D C:\Users\magic\Downloads\MiniTool-Partition-Wizard-Pro-v10.1-Cracked-and-Portable
2017-10-22 06:54 - 2017-10-22 06:58 - 078813934 _____ C:\Users\magic\Downloads\MiniTool-Partition-Wizard-Pro-v10.1-Cracked-and-Portable.rar
2017-10-22 06:50 - 2017-10-22 06:52 - 074681768 _____ (MiniTool Solution Ltd. ) C:\Users\magic\Downloads\pw102-free.exe
2017-10-22 06:40 - 2017-10-22 13:49 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard Professional Edition 9.1 DEMO
2017-10-22 06:39 - 2017-10-22 06:39 - 038803368 _____ C:\Users\magic\Downloads\pwpe9d.exe
2017-10-22 06:32 - 2017-10-22 06:32 - 000000000 ____D C:\ProgramData\SystemAcCrux
2017-10-22 06:30 - 2017-10-22 06:30 - 000000000 ____D C:\Program Files\EaseUS
2017-10-22 06:28 - 2017-10-22 06:29 - 032691824 _____ (EaseUS ) C:\Users\magic\Downloads\drw_trial.exe
2017-10-21 13:02 - 2017-10-29 19:08 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-21 12:40 - 2017-10-21 12:40 - 003525745 _____ C:\Users\magic\Downloads\netis(WF2780_EU)-V1.2.29489.zip
2017-10-21 11:00 - 2017-10-21 11:00 - 000000000 ____D C:\Users\magic\AppData\Roaming\Genie9
2017-10-21 11:00 - 2017-10-21 11:00 - 000000000 ____D C:\Program Files\Genie9
2017-10-21 10:51 - 2017-10-21 10:51 - 000000000 ____D C:\Program Files\SiSoftware
2017-10-21 10:50 - 2017-10-22 14:59 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2017-10-21 10:50 - 2017-10-21 10:50 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2017-10-21 09:39 - 2017-10-21 09:39 - 000000000 ____D C:\ProgramData\Ashampoo
2017-10-21 08:43 - 2017-10-21 08:43 - 001009120 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-10-11 11:52 - 2017-10-11 11:52 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 06:42 - 2017-10-22 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-10-11 06:42 - 2017-10-11 06:42 - 000001476 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2017-10-11 06:42 - 2017-10-11 06:42 - 000000000 ____D C:\Program Files (x86)\Seagate
2017-10-08 15:45 - 2017-10-08 15:45 - 000000037 _____ C:\Users\magic\Desktop\KOTEL.txt
2017-10-05 06:49 - 2017-10-05 06:49 - 012898729 _____ C:\Users\magic\Desktop\letak_10_2017.pdf
2017-10-03 10:50 - 2017-10-03 10:50 - 000000000 ____D C:\Users\magic\AppData\Roaming\Five-BN Games
2017-10-03 10:49 - 2017-10-03 10:49 - 000000000 ____D C:\Spidla
2017-09-30 15:33 - 2017-09-29 14:42 - 000035138 _____ C:\WINDOWS\Core.xml
2017-09-30 15:32 - 2017-10-22 15:37 - 000000000 ____D C:\WINDOWS\OCR
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-09-30 15:32 - 2017-10-22 15:34 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\hydrogen
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SKB
2017-09-30 15:32 - 2017-09-30 15:32 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2017-09-30 15:32 - 2017-09-28 20:05 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostRes.dll
2017-09-30 15:32 - 2017-09-28 20:05 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncRes.dll
2017-09-30 15:32 - 2017-09-28 20:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-09-30 15:32 - 2017-09-28 20:04 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\InternetMailCsp.dll
2017-09-30 15:32 - 2017-09-28 20:04 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncProxy.dll
2017-09-30 15:32 - 2017-09-28 20:04 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InprocLogger.dll
2017-09-30 15:32 - 2017-09-28 20:04 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2017-09-30 15:32 - 2017-09-28 20:03 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\networkhelper.dll
2017-09-30 15:32 - 2017-09-28 20:03 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-09-30 15:32 - 2017-09-28 20:03 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostClient.dll
2017-09-30 15:32 - 2017-09-28 20:03 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSPal.dll
2017-09-30 15:32 - 2017-09-28 20:02 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-09-30 15:32 - 2017-09-28 20:02 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-09-30 15:32 - 2017-09-28 20:01 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-09-30 15:32 - 2017-09-28 20:01 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2017-09-30 15:32 - 2017-09-28 20:00 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-09-30 15:32 - 2017-09-28 20:00 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2017-09-30 15:32 - 2017-09-28 19:59 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2017-09-30 15:32 - 2017-09-28 19:59 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2017-09-30 15:32 - 2017-09-28 19:56 - 001777664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-09-30 15:32 - 2017-09-28 19:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncRes.dll
2017-09-30 15:32 - 2017-09-28 19:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncProxy.dll
2017-09-30 15:32 - 2017-09-28 19:42 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-09-30 15:32 - 2017-09-28 19:42 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\networkhelper.dll
2017-09-30 15:32 - 2017-09-28 19:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\APHostClient.dll
2017-09-30 15:32 - 2017-09-28 19:41 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-09-30 15:32 - 2017-09-28 19:40 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2017-09-30 15:32 - 2017-09-28 19:40 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-09-30 15:32 - 2017-09-28 19:39 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2017-09-30 15:32 - 2017-09-28 19:39 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2017-09-30 15:32 - 2017-09-28 19:35 - 001546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-09-30 15:31 - 2017-10-29 16:03 - 000919026 _____ C:\WINDOWS\system32\perfh005.dat
2017-09-30 15:31 - 2017-10-29 16:03 - 000200110 _____ C:\WINDOWS\system32\perfc005.dat
2017-09-30 15:31 - 2017-10-22 15:38 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-09-30 15:31 - 2017-10-22 15:38 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-09-30 15:31 - 2017-09-30 15:31 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2017-09-30 15:31 - 2017-09-30 15:31 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\cs
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\0409
2017-09-30 15:31 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\DigitalLocker
2017-09-30 15:31 - 2017-09-28 22:38 - 002035096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-09-30 15:31 - 2017-09-28 22:23 - 000285176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2017-09-30 15:31 - 2017-09-28 22:21 - 000387408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-30 15:31 - 2017-09-28 21:49 - 000250208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2017-09-30 15:31 - 2017-09-28 21:49 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2017-09-30 15:31 - 2017-09-28 20:05 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2017-09-30 15:31 - 2017-09-28 20:05 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2017-09-30 15:31 - 2017-09-28 20:05 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2017-09-30 15:31 - 2017-09-28 20:05 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmerror.dll
2017-09-30 15:31 - 2017-09-28 20:04 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2017-09-30 15:31 - 2017-09-28 20:03 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2017-09-30 15:31 - 2017-09-28 20:03 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2017-09-30 15:31 - 2017-09-28 20:02 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\quickassist.exe
2017-09-30 15:31 - 2017-09-28 20:02 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\unregmp2.exe
2017-09-30 15:31 - 2017-09-28 20:00 - 013655040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-09-30 15:31 - 2017-09-28 19:45 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2017-09-30 15:31 - 2017-09-28 19:45 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2017-09-30 15:31 - 2017-09-28 19:44 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2017-09-30 15:31 - 2017-09-28 19:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmerror.dll
2017-09-30 15:31 - 2017-09-28 19:43 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2017-09-30 15:31 - 2017-09-28 19:43 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2017-09-30 15:31 - 2017-09-28 19:42 - 000459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quickassist.exe
2017-09-30 15:31 - 2017-09-28 19:42 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2017-09-30 15:31 - 2017-09-28 19:41 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unregmp2.exe
2017-09-30 15:31 - 2017-09-28 19:38 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-09-30 15:31 - 2017-09-28 18:20 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.tlb
2017-09-30 15:31 - 2017-09-28 18:20 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\amcompat.tlb
2017-09-30 15:31 - 2017-09-28 18:03 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.tlb
2017-09-30 15:31 - 2017-09-28 18:03 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amcompat.tlb

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-30 10:44 - 2017-07-06 08:38 - 000000000 ____D C:\FRST
2017-10-30 10:42 - 2016-12-25 08:06 - 000000000 ____D C:\ProgramData\MFAData
2017-10-30 10:37 - 2016-12-24 22:25 - 000000000 ____D C:\Users\magic\AppData\Roaming\Skype
2017-10-30 07:44 - 2016-12-24 23:10 - 000000000 ___SD C:\Users\magic\Documents\Sticky Passwords
2017-10-30 07:42 - 2017-07-09 07:36 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-30 07:42 - 2016-12-25 08:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-30 07:42 - 2016-12-24 22:17 - 000000000 __SHD C:\Users\magic\IntelGraphicsProfiles
2017-10-30 07:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-10-29 22:39 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-10-29 22:39 - 2017-07-02 13:46 - 2994644992 _____ C:\WINDOWS\ramdisk.fvd
2017-10-29 19:08 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-10-29 19:08 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-10-29 19:08 - 2016-12-25 08:46 - 000000000 ____D C:\Users\magic\AppData\Roaming\TeamViewer
2017-10-29 15:59 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-10-28 15:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-10-28 15:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-28 15:56 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-28 06:25 - 2016-12-24 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-27 20:39 - 2017-04-22 08:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-26 15:52 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-10-26 15:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-10-25 15:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-25 15:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-22 19:02 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-22 18:55 - 2017-07-02 08:15 - 000002353 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-10-22 18:52 - 2017-07-02 08:16 - 000000000 ____D C:\ProgramData\ProductData
2017-10-22 16:47 - 2016-12-24 22:21 - 000000000 __RDL C:\Users\magic\OneDrive
2017-10-22 15:42 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-10-22 15:40 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-10-22 15:40 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-22 15:40 - 2017-09-09 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2017-10-22 15:40 - 2017-08-25 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2017-10-22 15:40 - 2017-07-05 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-10-22 15:40 - 2017-07-05 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uranium Backup
2017-10-22 15:40 - 2017-07-05 06:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Video Converter
2017-10-22 15:40 - 2017-07-02 13:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Master Free
2017-10-22 15:40 - 2017-07-02 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-10-22 15:40 - 2017-06-07 20:12 - 000000000 ____D C:\WINDOWS\SysWOW64\FFU Loader Driver
2017-10-22 15:40 - 2017-05-30 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-10-22 15:40 - 2017-05-07 09:02 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2017-10-22 15:40 - 2017-05-07 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series
2017-10-22 15:40 - 2017-05-03 15:14 - 000000000 ____D C:\Program Files\Intel
2017-10-22 15:40 - 2017-03-30 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Cutter
2017-10-22 15:40 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-10-22 15:40 - 2017-02-22 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-22 15:40 - 2017-02-06 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-10-22 15:40 - 2017-01-27 13:18 - 000000000 ____D C:\WINDOWS\system32\STRING
2017-10-22 15:40 - 2017-01-27 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual
2017-10-22 15:40 - 2016-12-29 20:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-10-22 15:40 - 2016-12-29 20:54 - 000000000 ____D C:\WINDOWS\cs
2017-10-22 15:40 - 2016-12-29 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-10-22 15:40 - 2016-12-29 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRO100
2017-10-22 15:40 - 2016-12-29 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-22 15:40 - 2016-12-28 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastShare
2017-10-22 15:40 - 2016-12-26 09:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Connect Center
2017-10-22 15:40 - 2016-12-25 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech TVR 2.5
2017-10-22 15:40 - 2016-12-25 11:08 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2017-10-22 15:40 - 2016-12-25 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2017-10-22 15:40 - 2016-12-25 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-10-22 15:40 - 2016-12-25 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-10-22 15:40 - 2015-10-20 09:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2017-10-22 15:40 - 2015-08-15 06:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-22 15:40 - 2015-08-15 06:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-10-22 15:40 - 2015-07-10 12:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-10-22 15:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-10-22 15:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-22 15:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-10-22 15:38 - 2017-07-02 08:37 - 000000000 ____D C:\WINDOWS\system32\Intel
2017-10-22 15:37 - 2017-05-03 15:14 - 000000000 ____D C:\Program Files\Realtek
2017-10-22 15:37 - 2017-02-15 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZyXEL
2017-10-22 15:37 - 2017-02-12 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2017-10-22 15:37 - 2017-01-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-10-22 15:37 - 2016-12-31 12:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-10-22 15:37 - 2016-12-24 22:21 - 000002389 _____ C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-22 15:37 - 2015-10-20 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2017-10-22 15:34 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-10-22 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-10-22 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-10-22 15:31 - 2015-10-20 09:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-22 15:17 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-10-22 15:14 - 2015-10-20 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-10-22 15:13 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2017-10-22 15:13 - 2016-12-25 10:40 - 000024140 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-10-22 15:08 - 2017-01-05 09:30 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-22 15:08 - 2017-01-05 09:30 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-22 15:04 - 2017-05-03 15:15 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-22 14:59 - 2017-06-04 07:39 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare
2017-10-22 14:59 - 2017-02-03 08:09 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2017-10-22 14:59 - 2017-01-05 17:54 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2017-10-22 14:59 - 2016-12-29 11:36 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-22 14:59 - 2016-12-26 09:06 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2017-10-22 14:54 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-10-22 14:53 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-22 14:51 - 2017-02-06 06:04 - 000000000 ____D C:\Users\magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2017-10-22 14:48 - 2017-05-03 15:15 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-10-22 14:47 - 2017-07-02 08:39 - 000000000 ____D C:\WINDOWS\system32\DAX3
2017-10-22 14:47 - 2017-05-03 15:14 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-10-22 14:47 - 2017-05-03 15:14 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-10-22 14:46 - 2017-05-03 15:14 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-10-22 14:46 - 2017-05-03 15:14 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-10-22 07:28 - 2015-10-20 09:26 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-22 07:27 - 2017-07-02 08:15 - 000000000 ____D C:\Users\magic\AppData\Roaming\IObit
2017-10-13 19:08 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 19:08 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 14:46 - 2016-12-25 00:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 11:52 - 2016-12-25 00:03 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SystemApps
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\es-MX
2017-09-30 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-09-30 15:32 - 2017-09-29 14:42 - 006472704 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0005.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 002035200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000979384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000855560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000299616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000269120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2017-09-30 15:32 - 2017-09-29 14:42 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000136600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipRenew.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000099784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000093592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000056216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpatialGraphFilter.sys
2017-09-30 15:32 - 2017-09-29 14:42 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe
2017-09-30 15:32 - 2017-09-29 14:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000030616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2017-09-30 15:32 - 2017-09-29 14:42 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.ProxyStub.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll
2017-09-30 15:32 - 2017-09-29 14:42 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-30 15:32 - 2017-09-29 14:41 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2017-09-30 15:32 - 2017-09-29 14:41 - 000037272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys
2017-09-30 15:32 - 2017-09-29 14:41 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\dsc
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\com
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\IME
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-30 15:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-30 15:31 - 2017-09-29 14:41 - 001347608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-09-30 15:31 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-09-30 15:31 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\servicing

==================== Files in the root of some directories =======

2016-12-29 16:11 - 2017-02-11 11:47 - 000001228 _____ () C:\Users\magic\AppData\Roaming\DESKTOP-GF7LKEI.MTBF.txt
2016-12-24 22:17 - 2017-07-02 10:45 - 000000165 _____ () C:\Users\magic\AppData\Roaming\sp_data.sys
2017-10-22 07:08 - 2017-10-22 07:08 - 000000001 _____ () C:\Users\magic\AppData\Local\llftool.4.40.agreement
2016-12-29 11:30 - 2017-02-07 15:13 - 000007597 _____ () C:\Users\magic\AppData\Local\resmon.resmoncfg
2017-08-12 07:17 - 2017-08-12 07:17 - 000000000 _____ () C:\Users\magic\AppData\Local\{761C75C9-C3F5-4806-A40A-8650658D6802}
2017-02-03 13:35 - 2017-02-03 13:35 - 000004973 _____ () C:\ProgramData\czchsjpj.srw
2017-08-20 06:42 - 2017-08-20 06:42 - 000000000 _____ () C:\ProgramData\DP45977C.lfl
2017-02-03 13:35 - 2017-02-03 13:35 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-22 14:43

==================== End of FRST.txt ============================