Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Ran by Petr (administrator) on PETR-PC (14-08-2019 09:00:23)
Running from D:\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.950 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atiesrxx.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plays.tv, LLC -> Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => D:\programy\office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088 2012-11-01] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => D:\programy\abbyy\Bonus.ScreenshotReader.exe [1517088 2014-12-15] (ABBYY Production LLC -> ABBYY Production LLC.) [File not signed]
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-04-21] (Plays.tv, LLC -> Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-02-01] (Raptr, Inc -> Raptr, Inc)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [] => 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [] => [X]
HKU\S-1-5-19\Sortware\Policies\...\system: [DisableCMD] 0
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [] => [X]
HKU\S-1-5-20\Sortware\Policies\...\system: [DisableCMD] 0
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Run: [OscarX7Mouse5Mode] => C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [3571712 2013-02-01] () [File not signed]
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35808144 2019-08-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [] => [X]
HKU\S-1-5-18\...\Policies\system: [EnableLUA] 1
HKLM\...\Drivers32: [VIDC.VMnc] => C:\Windows\SysWOW64\vmnc.dll [353280 2012-11-01] (VMware, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Photosmart 5510d series (Síť).lnk [2019-08-14]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Photosmart 5510d series (Síť).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Photosmart 5510d series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN19M115DT05RW;CONNECTION=NW;MONITOR=1;
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0295A5A9-6464-477D-B255-19DFD4570863} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CA97837-4253-4B2B-AF8F-CA86D7C3779C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0CB859E9-BB9E-44FD-A75D-364D84C823AF} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {111D49D0-A4A6-41E0-B703-8E9E1E17536A} - System32\Tasks\G2MUpdateTask-S-1-5-21-1378127302-1103651912-2866801594-1000 => C:\Users\Petr\AppData\Local\GoToMeeting\13761\g2mupdate.exe [32256 2019-07-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {13C221D3-51F6-495C-AA1E-B21B80CBBAD3} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat
Task: {143B69FA-71F0-4A5A-AF33-F8EBCFC03416} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1588F60D-3791-4150-80BB-AE94B3D01273} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-03] (Google Inc -> Google Inc.)
Task: {17FC820E-DC91-44A1-ABDE-E9165782A89F} - System32\Tasks\{4BA5E1F2-6FD5-4F69-8F1C-3063F0100F10} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.5.0.102/cs/go/help.faq.installer?LastError=1638
Task: {1AD8ED7B-EBBF-477F-B235-EA9F134AC0B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2167A783-BFCB-4DB1-83CF-4C5D71D1F4E9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {21F27EFA-FD50-42CB-8F7A-43BB99DE756D} - System32\Tasks\{19F4D2DC-16A0-475B-B4CE-0A44AF9D8DAF} => C:\Windows\system32\pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {21F9CE45-463F-4C23-B331-F33FA7EF01DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {230BCE8D-83CC-4EA4-9E6C-32B32D5838B1} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-27] (Advanced Micro Devices, Inc.) [File not signed]
Task: {24FCD695-7D37-41C7-B7CA-1E38CC658A2D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {298C9336-C9FD-4A3C-BD09-E526A2FF56D4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BB2B73F-62ED-4CEA-9069-11269B05F7DA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BC3F9AF-080A-402B-BC02-462BA607E13B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2C2C93BA-63F8-4C44-A6C7-4DE4E105C63F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31B28B03-872B-41AB-8507-6116DE8B7798} - System32\Tasks\{308FCB4A-8EEF-433C-9BE0-791804EB206E} => D:\games\Grim\GRIM.EXE
Task: {39AA7E89-0E24-4861-AE26-18D7B95000AC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {40031DB8-4430-4AE0-82F2-C64D5F4DAFDC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {46AB3289-897F-49CF-A30E-A26EB3511FB3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4941B8C8-A927-42CA-BBD5-6ADF5C963642} - System32\Tasks\{478FC5E3-522E-474C-837A-B60E2C1E8F52} => D:\games\Grim\GRIM.EXE
Task: {51F82041-5FA6-4CF6-8DD0-A2BA81261E70} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5203B421-37C5-4AB5-943D-B15C0F238744} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56F58191-2BF1-4BC1-9D0D-D32D22ECBC02} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {57044629-73AF-4959-B886-5AB6B5961D48} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {57D31AFB-FA44-4CE2-A47D-DA37D4ECF72B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D6DAB2C-E92F-42E9-B7AC-575A79BF7D9C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-14] (Adobe Inc. -> Adobe)
Task: {5F5B86F5-36D5-4103-A747-F8B35CFF910B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {680820B0-9E9F-4909-A806-48B9F465C679} - System32\Tasks\{613A8A18-C1EA-412B-84C2-09A6DC161ADC} => D:\games\Grim\GRIM.EXE
Task: {68AAD58B-AF08-445A-BDD7-CEABD2435A7E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-27] (Advanced Micro Devices, Inc.) [File not signed]
Task: {6B67507F-4FDB-4509-A407-57681E704B7C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D2FB62F-9BD2-4CC3-833F-27B4E5997141} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {70E5FCD5-A6F4-4C20-8F71-3749F7E1B4AE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {71BE6B49-7158-474C-9BF5-EB6DEF36E9B1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {74CCC9BF-E150-4550-9714-68D6BE6B222D} - System32\Tasks\{4645528F-7B66-40D6-9D2B-94996F62643E} => D:\games\Grim\GRIM.EXE
Task: {76709185-C5FF-4B67-8160-258DED838905} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {768C4F51-B4E3-46A7-AFE9-0C225329928C} - System32\Tasks\{0193564E-1379-4862-9E27-41B46CF68124} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/go/help.faq.installer?LastError=1638
Task: {86745E34-BA5D-4FAC-9A14-A22C27672AF7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {890935F8-94A8-41AF-9E66-E32C9C68FFD1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A2646DD-38E2-42B1-A2CD-6536758F7634} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8D5FF030-3920-4008-AA83-234835FC0E6C} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {8F67EB6F-7598-4E1A-9F1E-C47518F41681} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9130FB0F-E7C8-444E-B6C5-ACF64161687E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {9196910A-BFD1-4A33-AEBA-F71F097BB3F1} - System32\Tasks\Norton Security Scan for Petr => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [835664 2018-01-10] (Symantec Corporation -> Symantec Corporation)
Task: {92D087F6-261B-4748-B0CC-40B68993BFB9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {97B91572-A67C-4C88-8A24-204ED4553812} - System32\Tasks\Opera scheduled Autoupdate 1379407042 => c:\program files (x86)\opera\launcher.exe [1519640 2019-08-07] (Opera Software AS -> Opera Software)
Task: {9C9A5C23-7626-4100-92BD-A165A587DCC4} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {9DC9C7A0-18FC-4291-8045-24CCC58510C9} - System32\Tasks\avastBCLRestartS-1-5-21-1378127302-1103651912-2866801594-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {9DF9122A-2F7D-4044-B8C6-FD446FA2E3A7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F675D7B-ECB9-44B4-A744-4C23B8FFE3D4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A11590DD-8E4E-44BE-8537-90002D63E45F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A306DD23-7524-4E70-890A-25500EC1F0B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {A8D66A48-8BE7-49E6-9061-4C93CC3549A9} - System32\Tasks\WindowsMediaSharing => C:\windows\wndsvr.exe
Task: {AB0729AF-F525-4F58-A4EA-D3C672B8685F} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {AB9E63F5-85D0-4768-9FBA-FA57BAC078B0} - System32\Tasks\G2MUploadTask-S-1-5-21-1378127302-1103651912-2866801594-1000 => C:\Users\Petr\AppData\Local\GoToMeeting\13761\g2mupload.exe [32256 2019-07-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {ABAD013D-A998-42C7-A303-96CA77BBAD3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-03] (Google Inc -> Google Inc.)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B0FDF9EF-726C-4DFF-BC62-03F2EB2B5056} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B3178A0D-7434-4956-A0FD-673527F40514} - System32\Tasks\{00DCBFC6-A044-4C8C-B2D6-269045638A90} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/cs/go/help.faq.installer?LastError=1638
Task: {B4967007-6C65-4C51-9D2B-2E4003D2F2A6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B883B658-BBA4-40C4-8CCC-29990FCB5EC9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {BFF2EAE0-7098-49A4-A25E-0A772DE7EC66} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {D5150836-D653-4561-9E28-75B6F1BC908F} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DC8C068A-F292-4E9D-B1D4-0F388D632BFE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DEA0F036-8480-40B0-99B0-71702FA08FCC} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {DF3FA8A1-423B-4686-982D-C4C56F8B642D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {DF5D388D-B70D-41B6-9268-21AD5DE3197A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {DFAECFC4-BBBB-4C10-BEFB-17813FB17C0A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E27C8B54-BEBE-4720-9730-1EAABDA93113} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F61D529E-B657-4193-BBAB-1DEAE4946E0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F6B04B03-1C9A-470F-8C16-9208AD65CFDA} - System32\Tasks\{4711F629-8DB1-4929-90CB-95C6C3F75B3B} => D:\games\Grim\GrimFandango.EXE
Task: {F805A10D-9B38-4344-9A54-C80DFC37B56B} - System32\Tasks\{B79E0D5B-CBA4-444D-8970-C22F386C6F25} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/cs/go/help.faq.installer?LastError=1638
Task: {F887500D-0BB7-454A-A53F-862773346E50} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FC1B74E5-74C5-4CB3-8B86-F8391306F072} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {FF98DC59-DABD-4ABE-8580-FD9430C754E8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FFEF83F1-C2B5-4A61-94AB-231834DEC0AE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1378127302-1103651912-2866801594-1000.job => C:\Users\Petr\AppData\Local\GoToMeeting\13761\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1378127302-1103651912-2866801594-1000.job => C:\Users\Petr\AppData\Local\GoToMeeting\13761\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{0ea37814-97d5-4e68-a013-779acbfbfab5}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{0ea37814-97d5-4e68-a013-779acbfbfab5}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1378127302-1103651912-2866801594-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1378127302-1103651912-2866801594-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2018-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\programy\office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File

FireFox:
========
FF DefaultProfile: q2hswuqs.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\q2hswuqs.default [2019-08-14]
FF Session Restore: Mozilla\Firefox\Profiles\q2hswuqs.default -> is enabled.
FF Extension: (Autofill) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\q2hswuqs.default\Extensions\firefox-autofill@googlegroups.com.xpi [2016-06-02] [Legacy]
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\q2hswuqs.default\searchplugins\365dnicz---filmy.xml [2015-09-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\programy\office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\programy\office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> D:\programy\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\programy\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\programy\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> D:\programy\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: NetDvr_Plugins -> D:\programy\Plugins\npDvr.dll [2012-02-14] (STARIVER CIRCUITS (HK) CO., LIMTED -> DVR) [File not signed]

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2019-08-14]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-03]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Norton Security Toolbar) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2019-04-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Norton Safe) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2018-07-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-12]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.3.50\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.3.50\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (AS Magic Player) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2015-01-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atiesrxx.exe [508208 2019-04-03] (Advanced Micro Devices, Inc. -> AMD)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-03-26] (AMD) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
S3 Microsoft SharePoint Workspace Audit Service; D:\programy\office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-04-21] (Plays.tv, LLC -> Copyright (c) 2017 Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-01-14] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074128 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SystemExplorerHelpService; D:\programy\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Miroslav Topolar -> Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-11-01] (VMware, Inc.) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13234176 2012-11-01] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atikmdag.sys [52888368 2019-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0340998.inf_amd64_4e7ad8ec950b7e37\B340755\atikmpag.sys [590128 2019-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.12.0.104\Definitions\BASHDefs\20190812.001\BHDrvx64.sys [1935880 2019-06-25] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-21] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-21] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2018-10-21] (DT Soft Ltd -> DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-10] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-13] (Symantec Corporation -> Symantec Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.12.0.104\Definitions\IPSDefs\20190813.061\IDSvia64.sys [1451016 2019-08-06] (Symantec Corporation -> Symantec Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2000-01-01] (Realtek Semiconductor Corp -> Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated -> Synaptics Incorporated)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-21] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.12.0.104\SymPlatform\SymEvnt.sys [717832 2019-07-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
R0 vsock; C:\WINDOWS\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 ALSysIO; \??\C:\Users\Petr\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz140; \??\C:\Users\Petr\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath
U4 sr; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-14 08:47 - 2019-08-14 08:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-08-13 21:04 - 2019-08-07 15:18 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-13 21:04 - 2019-08-07 15:18 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-13 21:04 - 2019-08-07 15:14 - 000303928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-13 21:04 - 2019-08-07 15:13 - 021389776 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-13 21:04 - 2019-08-07 15:13 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-13 21:04 - 2019-08-07 15:13 - 001515904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-13 21:04 - 2019-08-07 15:13 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-13 21:04 - 2019-08-07 14:58 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-13 21:04 - 2019-08-07 14:58 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-13 21:04 - 2019-08-07 14:55 - 008626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-13 21:04 - 2019-08-07 14:55 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-13 21:04 - 2019-08-07 14:55 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-13 21:04 - 2019-08-07 14:54 - 004783104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-13 21:04 - 2019-08-07 14:53 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-13 21:04 - 2019-08-07 14:53 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-13 21:04 - 2019-08-07 14:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-13 21:04 - 2019-08-07 14:52 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-13 21:04 - 2019-08-07 14:51 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-13 21:04 - 2019-08-07 14:43 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-13 21:04 - 2019-08-07 14:41 - 001322688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-13 21:04 - 2019-08-07 14:41 - 000662112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-13 21:04 - 2019-08-07 14:40 - 020384344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-13 21:04 - 2019-08-07 14:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-13 21:04 - 2019-08-07 14:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-13 21:04 - 2019-08-07 14:27 - 007990272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-13 21:04 - 2019-08-07 14:26 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-13 21:04 - 2019-08-07 14:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-13 21:04 - 2019-08-07 14:25 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-13 21:04 - 2019-08-07 14:24 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-13 21:04 - 2019-08-07 14:24 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-13 21:04 - 2019-08-07 14:24 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-13 21:04 - 2019-08-07 11:40 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-08-13 21:04 - 2019-08-07 10:09 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-13 21:04 - 2019-08-07 10:09 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-13 21:04 - 2019-08-07 10:09 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-13 21:04 - 2019-08-07 10:09 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-13 21:04 - 2019-08-07 10:09 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-13 21:04 - 2019-08-07 10:09 - 000194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-13 21:04 - 2019-08-07 10:09 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-13 21:04 - 2019-08-07 10:09 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-08-13 21:04 - 2019-08-07 10:09 - 000095008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 007435720 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-13 21:04 - 2019-08-07 10:08 - 002470648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 001566736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 001141712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-13 21:04 - 2019-08-07 10:08 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 000710232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-13 21:04 - 2019-08-07 10:08 - 000494992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 000227744 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-13 21:04 - 2019-08-07 10:08 - 000130840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-13 21:04 - 2019-08-07 10:08 - 000091568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-13 21:04 - 2019-08-07 10:07 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-13 21:04 - 2019-08-07 10:07 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 21:04 - 2019-08-07 10:07 - 002719240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-13 21:04 - 2019-08-07 10:07 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-13 21:04 - 2019-08-07 10:07 - 001260992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-13 21:04 - 2019-08-07 10:07 - 001031696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-13 21:04 - 2019-08-07 10:07 - 000984152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-13 21:04 - 2019-08-07 10:07 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-13 21:04 - 2019-08-07 10:07 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-13 21:04 - 2019-08-07 09:57 - 000081256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-13 21:04 - 2019-08-07 09:56 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 21:04 - 2019-08-07 09:56 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-13 21:04 - 2019-08-07 09:56 - 001993344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-13 21:04 - 2019-08-07 09:56 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-13 21:04 - 2019-08-07 09:56 - 000357336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-13 21:04 - 2019-08-07 09:56 - 000192608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-13 21:04 - 2019-08-07 09:56 - 000101400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-13 21:04 - 2019-08-07 09:55 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-13 21:04 - 2019-08-07 09:49 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-13 21:04 - 2019-08-07 09:47 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-13 21:04 - 2019-08-07 09:44 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-13 21:04 - 2019-08-07 09:42 - 022717952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-13 21:04 - 2019-08-07 09:39 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-13 21:04 - 2019-08-07 09:38 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-13 21:04 - 2019-08-07 09:38 - 004385792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-13 21:04 - 2019-08-07 09:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-13 21:04 - 2019-08-07 09:38 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-13 21:04 - 2019-08-07 09:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-13 21:04 - 2019-08-07 09:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-13 21:04 - 2019-08-07 09:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-13 21:04 - 2019-08-07 09:36 - 007572480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-13 21:04 - 2019-08-07 09:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-13 21:04 - 2019-08-07 09:36 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-13 21:04 - 2019-08-07 09:36 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2019-08-13 21:04 - 2019-08-07 09:36 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-13 21:04 - 2019-08-07 09:36 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 21:04 - 2019-08-07 09:36 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-13 21:04 - 2019-08-07 09:35 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-08-13 21:04 - 2019-08-07 09:35 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-13 21:04 - 2019-08-07 09:35 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-13 21:04 - 2019-08-07 09:35 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-13 21:04 - 2019-08-07 09:35 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-13 21:04 - 2019-08-07 09:35 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-13 21:04 - 2019-08-07 09:35 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 001680384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-13 21:04 - 2019-08-07 09:34 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-13 21:04 - 2019-08-07 09:33 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-13 21:04 - 2019-08-07 09:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-13 21:04 - 2019-08-07 09:33 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 004938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 004516864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 002165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-13 21:04 - 2019-08-07 09:32 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-13 21:04 - 2019-08-07 09:32 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-13 21:04 - 2019-08-07 09:31 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-13 21:04 - 2019-08-07 08:15 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-08-13 21:04 - 2019-07-11 08:48 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-08-13 21:04 - 2019-07-11 03:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-13 21:04 - 2019-07-11 03:30 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-13 21:04 - 2019-07-11 03:30 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 001627664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000827920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-13 21:04 - 2019-07-09 10:07 - 000825360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-13 21:04 - 2019-07-09 10:07 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-13 21:04 - 2019-07-09 10:07 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-13 21:04 - 2019-07-09 10:04 - 000348664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-13 21:04 - 2019-07-09 10:01 - 004527792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-13 21:04 - 2019-07-09 10:00 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-13 21:04 - 2019-07-09 09:44 - 012757504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-13 21:04 - 2019-07-09 09:44 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 21:04 - 2019-07-09 09:43 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-13 21:04 - 2019-07-09 09:43 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-13 21:04 - 2019-07-09 09:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2019-08-13 21:04 - 2019-07-09 09:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-13 21:04 - 2019-07-09 09:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-13 21:04 - 2019-07-09 09:39 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2019-08-13 21:04 - 2019-07-09 09:39 - 001193472 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2019-08-13 21:04 - 2019-07-09 09:39 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-08-13 21:04 - 2019-07-09 09:38 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-13 21:04 - 2019-07-09 09:37 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-13 21:04 - 2019-07-09 09:37 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-13 21:04 - 2019-07-09 09:37 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-13 21:04 - 2019-07-09 09:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-13 21:04 - 2019-07-09 08:59 - 000022840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2019-08-13 21:04 - 2019-07-09 08:42 - 011943424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-13 21:04 - 2019-07-09 08:38 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-08-13 21:04 - 2019-07-09 08:37 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-13 21:04 - 2019-07-09 05:29 - 000375312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-13 21:04 - 2019-07-09 05:29 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-13 21:04 - 2019-07-09 05:29 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-13 21:04 - 2019-07-09 05:23 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-13 21:04 - 2019-07-09 05:23 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-13 21:04 - 2019-07-09 05:21 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-13 21:04 - 2019-07-09 05:21 - 000133136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-08-13 21:04 - 2019-07-09 05:20 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-13 21:04 - 2019-07-09 05:20 - 000275512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-13 21:04 - 2019-07-09 05:20 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-13 21:04 - 2019-07-09 05:19 - 002769472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 001674216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 000799248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 000767232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 000713488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 000152104 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 000142352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-08-13 21:04 - 2019-07-09 05:19 - 000046608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys
2019-08-13 21:04 - 2019-07-09 05:12 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-13 21:04 - 2019-07-09 05:12 - 001286528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-08-13 21:04 - 2019-07-09 05:12 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-13 21:04 - 2019-07-09 05:12 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-13 21:04 - 2019-07-09 05:11 - 002257336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-13 21:04 - 2019-07-09 05:11 - 000576528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-08-13 21:04 - 2019-07-09 05:11 - 000108560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-08-13 21:04 - 2019-07-09 04:56 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-13 21:04 - 2019-07-09 04:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-13 21:04 - 2019-07-09 04:55 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-13 21:04 - 2019-07-09 04:55 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-08-13 21:04 - 2019-07-09 04:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-13 21:04 - 2019-07-09 04:53 - 003708416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-08-13 21:04 - 2019-07-09 04:53 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 21:04 - 2019-07-09 04:52 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-13 21:04 - 2019-07-09 04:52 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-13 21:04 - 2019-07-09 04:51 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-13 21:04 - 2019-07-09 04:50 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-13 21:04 - 2019-07-09 04:50 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-13 21:04 - 2019-07-09 04:50 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-13 21:04 - 2019-07-09 04:50 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 21:04 - 2019-07-09 04:50 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-13 21:04 - 2019-07-09 04:50 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-13 21:04 - 2019-07-09 04:50 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-08-13 21:04 - 2019-07-09 04:50 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2019-08-13 21:04 - 2019-07-09 04:50 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-13 21:04 - 2019-07-09 04:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-13 21:04 - 2019-07-09 04:49 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-13 21:04 - 2019-07-09 04:49 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-08-13 21:04 - 2019-07-09 04:49 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-13 21:04 - 2019-07-09 04:49 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-08-13 21:04 - 2019-07-09 04:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-13 21:04 - 2019-07-09 04:49 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-13 21:04 - 2019-07-09 04:49 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-13 21:04 - 2019-07-09 04:49 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2019-08-13 21:04 - 2019-07-09 04:48 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-13 21:04 - 2019-07-09 04:48 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-13 21:04 - 2019-07-09 04:48 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 21:04 - 2019-07-09 04:48 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-08-13 21:04 - 2019-07-09 04:48 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-13 21:04 - 2019-07-09 04:48 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-13 21:04 - 2019-07-09 04:48 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-13 21:04 - 2019-07-09 04:47 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-13 21:04 - 2019-07-09 04:47 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-13 21:04 - 2019-07-09 04:47 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 21:04 - 2019-07-09 04:47 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-13 21:04 - 2019-07-09 04:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-13 21:04 - 2019-07-09 04:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-13 21:04 - 2019-07-09 04:47 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-13 21:04 - 2019-07-09 04:46 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-13 21:04 - 2019-07-09 04:46 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 21:04 - 2019-07-09 04:46 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-08-13 21:04 - 2019-07-09 04:46 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-13 21:04 - 2019-07-09 04:45 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-13 21:04 - 2019-07-09 04:45 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-13 21:04 - 2019-07-09 04:45 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-13 21:04 - 2019-07-09 04:45 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-13 21:04 - 2019-07-09 04:45 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-08-13 21:04 - 2019-07-09 04:44 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-13 21:04 - 2019-07-09 04:44 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 21:04 - 2019-07-09 04:44 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-13 21:04 - 2019-07-09 04:44 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-13 21:04 - 2019-07-09 04:44 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-13 21:04 - 2019-07-09 04:44 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-13 21:04 - 2019-07-09 04:44 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-13 21:04 - 2019-07-09 04:43 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-13 21:04 - 2019-07-09 04:43 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-13 21:04 - 2019-07-09 04:43 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-13 21:04 - 2019-07-09 04:43 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-13 21:04 - 2019-06-20 04:21 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-13 11:47 - 2019-08-13 20:34 - 000000000 ____D C:\KVRT_Data
2019-08-13 11:33 - 2019-08-13 11:33 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-08-13 11:33 - 2019-08-13 11:33 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-08-13 11:33 - 2019-08-13 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-08-13 11:18 - 2019-08-13 11:33 - 000000000 ____D C:\Program Files\CCleaner
2019-08-13 08:44 - 2019-08-14 09:00 - 000000000 ____D C:\FRST

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-14 09:00 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-14 08:36 - 2016-11-21 17:25 - 000000000 ___DC C:\Users\Petr\AppData\LocalLow\Mozilla
2019-08-14 08:34 - 2019-03-02 09:19 - 000003094 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
2019-08-13 21:44 - 2019-07-06 13:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2019-08-13 21:43 - 2018-05-15 19:47 - 000777340 _____ C:\WINDOWS\system32\perfh005.dat
2019-08-13 21:43 - 2018-05-15 19:47 - 000170148 _____ C:\WINDOWS\system32\perfc005.dat
2019-08-13 21:43 - 2018-05-15 09:55 - 001912256 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-13 21:43 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-13 21:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-13 21:40 - 2017-12-11 10:57 - 000000000 ___RD C:\Users\Petr\3D Objects
2019-08-13 21:40 - 2016-07-18 00:19 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-13 21:39 - 2013-02-26 22:38 - 000000000 ____D C:\ProgramData\VMware
2019-08-13 21:39 - 2013-01-23 23:28 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-08-13 21:38 - 2018-05-15 10:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-13 21:38 - 2018-05-15 09:54 - 000439400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-13 21:38 - 2018-04-12 11:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-13 21:38 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-13 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-13 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-13 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-13 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-13 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-13 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-13 21:38 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-13 21:38 - 2017-10-11 09:43 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-08-13 21:37 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-13 21:35 - 2014-10-13 10:18 - 000000000 ____D C:\AdwCleaner
2019-08-13 21:07 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-13 21:05 - 2018-04-12 01:34 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-13 21:04 - 2013-09-26 10:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-13 21:01 - 2013-01-20 15:35 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-13 20:56 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-13 20:35 - 2019-02-01 00:06 - 000000000 __HDC C:\Users\Petr\AppData\Roaming\steampch
2019-08-13 20:35 - 2017-12-11 10:51 - 000000000 ___DC C:\Users\Petr\AppData\Local\Packages
2019-08-13 20:14 - 2013-04-05 13:19 - 000000000 ____D C:\Jts
2019-08-13 19:39 - 2018-05-15 09:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-13 18:36 - 2018-05-15 10:05 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1310216E-6E2A-45F2-98D9-A255B5B98AA7}
2019-08-13 16:27 - 2016-06-10 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-08-13 11:36 - 2018-05-14 11:32 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-13 11:36 - 2013-01-24 16:33 - 000000000 ___DC C:\Users\Petr\AppData\Roaming\uTorrent
2019-08-13 11:21 - 2018-05-19 10:37 - 000000000 ___DC C:\Users\Petr\AppData\Local\D3DSCache
2019-08-12 22:21 - 2018-05-15 10:00 - 000000000 ____D C:\Users\Petr
2019-08-12 19:56 - 2018-04-12 01:41 - 000000000 ____D C:\WINDOWS\Setup
2019-08-12 16:00 - 2018-05-15 10:05 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-12 16:00 - 2018-05-15 10:05 - 000003954 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1379407042
2019-08-12 16:00 - 2018-05-15 10:05 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1378127302-1103651912-2866801594-1000
2019-08-12 16:00 - 2018-05-15 10:00 - 000002399 ____C C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-12 16:00 - 2017-07-08 17:43 - 000001184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-08-12 16:00 - 2016-07-18 00:21 - 000000000 ___RD C:\Users\Petr\OneDrive
2019-08-12 16:00 - 2013-09-17 10:37 - 000000000 ____D C:\Program Files (x86)\Opera
2019-08-08 00:57 - 2015-06-09 10:52 - 000002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-07 18:23 - 2013-03-16 17:54 - 000000000 ___DC C:\Users\Petr\AppData\Roaming\vlc
2019-08-02 15:10 - 2017-09-29 08:48 - 000000000 ____D C:\Program Files\rempl
2019-07-27 10:25 - 2018-10-24 18:55 - 000000000 ___DC C:\Users\Petr\AppData\Local\GoToMeeting
2019-07-27 08:27 - 2018-10-24 18:55 - 000000644 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1378127302-1103651912-2866801594-1000.job
2019-07-27 08:27 - 2018-10-24 18:55 - 000000548 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1378127302-1103651912-2866801594-1000.job
2019-07-26 08:30 - 2018-10-24 18:55 - 000003796 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1378127302-1103651912-2866801594-1000
2019-07-26 08:30 - 2018-10-24 18:55 - 000003700 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1378127302-1103651912-2866801594-1000
2019-07-20 19:26 - 2013-01-24 16:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories ================

2017-08-25 09:08 - 2017-08-25 09:08 - 000000600 ____C () C:\Users\Petr\AppData\Roaming\winscp.rnd
2017-10-02 20:45 - 2017-10-02 21:04 - 000029696 ____C () C:\Users\Petr\AppData\Local\MSGBOX.EXE
2017-05-14 20:40 - 2017-05-14 20:40 - 000000852 ____C () C:\Users\Petr\AppData\Local\recently-used.xbel
2015-01-06 12:37 - 2015-02-09 18:43 - 000007601 ____C () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================