Právě je 19 lis 2017 02:14

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z RSIT [návod zde] nebo FRST [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Odpovědět na téma  [ Příspěvků: 11 ] 
Autor Zpráva
 Předmět příspěvku: Zpomaleny notebook
PříspěvekNapsal: 16 zář 2017 17:18 
Offline
Vzorný návštěvník
Vzorný návštěvník

Registrován: 21 kvě 2008 10:42
Příspěvky: 121
Bydliště: Ostrava
Zdravím ,prosím o kontrolu logu notebook se zpomalil a seka se .
Logfile of random's system information tool 1.16 (written by random/random)
Run by Jana at 2017-09-16 18:15:36
Microsoft Windows 10 Home
System drive C: has 571 GB (83%) free of 689 GB
Total RAM: 4072 MB (50% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:43, on 16.9.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
c:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\Jana_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Jana\Desktop\GSplay.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10391 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k netsvcs -s Browser
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"c:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Jana\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=60.0.3112.113 --initial-client-data=0x8,0x1e8,0x1ec,0x98,0x1f0,0x7ff804b229b8,0x7ff804b229f8,0x7ff804b229d0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1596 --on-initialized-event-handle=672 --parent-handle=680 /prefetch:6
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1444,15358734988794897045,9629832573422788425,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,21,24,28,43,77 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6760 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.1008 --gpu-driver-date=11-4-2015 --service-request-channel-token=F5371E8B76B2D5330079D0C6483868EB --mojo-platform-channel-handle=1496 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,15358734988794897045,9629832573422788425,131072 --service-pipe-token=4C654DCA2099D64119B40000631B888B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=4C654DCA2099D64119B40000631B888B --renderer-client-id=4 --mojo-platform-channel-handle=3584 /prefetch:1
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,15358734988794897045,9629832573422788425,131072 --service-pipe-token=32A304B215705AD82666840C1F0C29F3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=32A304B215705AD82666840C1F0C29F3 --renderer-client-id=10 --mojo-platform-channel-handle=2020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,15358734988794897045,9629832573422788425,131072 --service-pipe-token=F5F65916A0F432E8DD9D505AC58F74BD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=F5F65916A0F432E8DD9D505AC58F74BD --renderer-client-id=12 --mojo-platform-channel-handle=7700 /prefetch:1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\SysWOW64\ctfmon.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,15358734988794897045,9629832573422788425,131072 --service-pipe-token=CEF49CF060A15070F13CDB6059FC51AB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=CEF49CF060A15070F13CDB6059FC51AB --renderer-client-id=27 --mojo-platform-channel-handle=7580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,15358734988794897045,9629832573422788425,131072 --service-pipe-token=DC3F5A0C9D6B3401D0032BDD085F304F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=DC3F5A0C9D6B3401D0032BDD085F304F --renderer-client-id=31 --mojo-platform-channel-handle=7036 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,15358734988794897045,9629832573422788425,131072 --service-pipe-token=7B8778BDF17163B8D3F442BA1494ACD7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=7B8778BDF17163B8D3F442BA1494ACD7 --renderer-client-id=35 --mojo-platform-channel-handle=8268 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\servicing\TrustedInstaller.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 692 696 704 8192 700
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x4bc
"C:\Users\Jana\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\ACC - C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat
C:\WINDOWS\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe -check pepperplugin
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\ASUS Live Update - c:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\WINDOWS\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\WINDOWS\system32\tasks\ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\WINDOWS\system32\tasks\ATKOSD2 - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-2566585407-4284200854-934862898-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1498841812 - C:\Users\Jana\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\RtHDVBg - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
C:\WINDOWS\system32\tasks\RtHDVBg_ListenToDevice - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
C:\WINDOWS\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1498842471 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{8BA9F51F-28D5-46AF-97BD-F403D23B84AA} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{0234B137-0C37-48D0-841A-965D18F2021E} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?sou ... rror=12002
C:\WINDOWS\system32\tasks\{219A2511-99D3-45C5-9789-0E71F2A3DE03} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ASUS\Wireless Console 3\AegisI5.exe" -d "C:\Program Files (x86)\ASUS\Wireless Console 3"
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfbmjmiodbnnpllbbbfblcplfjjepjdn 1 Zhasnout světla 3.2.0.14
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.30
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 2.57
Extension hkkmaoibnpgeoicicbjpcklbkdickdcj 1 Reklamní-Kupony.cz - slevové kupony 1.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nfojfpgdlapjkpehegmfpcpbfnddpbab 1 Instantní zrcátko 1.5.1
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.2.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Homepage: http://www.google.com
default_search_provider.search_url:
C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]
"Path"=C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-15 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-15 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2015-08-13 361984]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2000-01-01 1467400]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-09-03 239856]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GSplay.exe"=C:\Users\Jana\Desktop\GSplay.exe [2017-02-01 4772747]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-06 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24 40336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2016-05-14 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe /MONITOR []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 16696840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE [2012-01-13 549040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-23 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-25 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-09-16 18:15:37 ----D---- C:\Program Files\trend micro
2017-09-16 18:15:36 ----D---- C:\rsit
2017-09-16 10:38:41 ----D---- C:\ProgramData\SWCUTemp
2017-09-14 17:52:38 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2017-09-14 17:52:38 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-09-14 17:52:37 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-09-14 17:52:37 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-09-14 17:52:37 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2017-09-14 17:52:37 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-09-14 17:52:37 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2017-09-14 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-09-14 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-09-14 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-09-14 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-09-14 17:52:35 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-09-14 17:52:35 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-09-14 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-09-14 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-09-14 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-09-14 17:52:33 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-09-14 17:52:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-09-14 17:52:31 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-09-14 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-09-14 17:52:29 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2017-09-14 17:52:29 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-09-14 17:52:28 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-09-14 17:52:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-14 17:52:27 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-09-14 17:52:27 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-09-14 17:52:26 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-09-14 17:52:26 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-09-14 17:52:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-09-14 17:52:24 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-09-14 17:52:24 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-09-14 17:52:24 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-09-14 17:52:23 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-09-14 17:52:22 ----A---- C:\WINDOWS\SYSWOW64\CredentialUIBroker.exe
2017-09-14 17:52:21 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-09-14 17:52:21 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-09-14 17:52:20 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-09-14 17:52:19 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-09-14 17:52:18 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-09-14 17:52:17 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-09-14 17:52:17 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-09-14 17:52:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-09-14 17:52:07 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-09-14 17:52:07 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-09-14 17:52:06 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-09-14 17:52:03 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-09-14 17:52:02 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-09-14 17:52:02 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-09-14 17:52:02 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-09-14 17:52:02 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-09-14 17:52:02 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-09-14 17:52:02 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-09-14 17:52:01 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-09-14 17:52:01 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-09-14 17:52:01 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-09-14 17:51:59 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2017-09-14 17:51:59 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-09-14 17:51:59 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-09-14 17:51:58 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2017-09-14 17:51:58 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-09-14 17:51:58 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2017-09-14 17:51:58 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-09-14 17:51:57 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2017-09-14 17:51:56 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2017-09-14 17:51:56 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2017-09-14 17:51:55 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-09-14 17:51:55 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2017-09-14 17:51:55 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2017-09-14 17:51:55 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-09-14 17:51:55 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2017-09-14 17:51:54 ----A---- C:\WINDOWS\SYSWOW64\tbs.dll
2017-09-14 17:51:54 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-09-14 17:51:54 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-09-14 17:51:53 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2017-09-14 17:51:53 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2017-09-14 17:51:53 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2017-09-14 17:51:53 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-09-14 17:51:53 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2017-09-14 17:51:53 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2017-09-14 17:51:53 ----A---- C:\WINDOWS\system32\BthHFSrv.dll
2017-09-14 17:51:52 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2017-09-14 17:51:52 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2017-09-14 17:51:52 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2017-09-14 17:51:51 ----A---- C:\WINDOWS\SYSWOW64\wisp.dll
2017-09-14 17:51:51 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2017-09-14 17:51:50 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-09-14 17:51:50 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2017-09-14 17:51:49 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2017-09-14 17:51:46 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2017-09-14 17:51:46 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2017-09-14 17:51:46 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-09-14 17:51:46 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-14 17:51:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2017-09-14 17:51:45 ----A---- C:\WINDOWS\SYSWOW64\shdocvw.dll
2017-09-14 17:51:45 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2017-09-14 17:51:38 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-09-14 17:51:38 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-09-14 17:51:36 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-09-14 17:51:32 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-09-14 17:51:32 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-09-14 17:51:31 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-09-14 17:51:30 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-09-14 17:51:28 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-14 17:51:24 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-09-14 17:51:24 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-09-14 17:51:23 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-14 17:51:22 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2017-09-14 17:51:19 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2017-09-14 17:51:19 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2017-09-14 17:51:18 ----A---- C:\WINDOWS\system32\ngcrecovery.dll
2017-09-14 17:51:18 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-14 17:51:16 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-09-14 17:51:16 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-09-14 17:51:15 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-09-14 17:51:14 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-09-14 17:51:14 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-09-14 17:51:14 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-09-14 17:51:14 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-09-14 17:51:13 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-09-14 17:51:12 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-09-14 17:51:12 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-09-14 17:51:12 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2017-09-14 17:51:11 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-09-14 17:51:10 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-14 17:51:10 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-09-14 17:51:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-09-14 17:51:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-09-14 17:51:08 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-09-14 17:51:08 ----A---- C:\WINDOWS\system32\localspl.dll
2017-09-14 17:51:07 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-09-14 17:51:07 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-09-14 17:51:06 ----A---- C:\WINDOWS\system32\offreg.dll
2017-09-14 17:51:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-09-14 17:51:02 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-09-14 17:51:00 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-09-14 17:50:57 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-09-14 17:50:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-09-14 17:50:51 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2017-09-14 17:50:50 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-09-14 17:50:49 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-09-14 17:50:49 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-09-14 17:50:48 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-09-14 17:50:48 ----A---- C:\WINDOWS\system32\mfps.dll
2017-09-14 17:50:47 ----A---- C:\WINDOWS\system32\nettrace.dll
2017-09-14 17:50:47 ----A---- C:\WINDOWS\system32\msvproc.dll
2017-09-14 17:50:47 ----A---- C:\WINDOWS\system32\mfds.dll
2017-09-14 17:50:46 ----A---- C:\WINDOWS\system32\rasgcw.dll
2017-09-14 17:50:46 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-14 17:50:45 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2017-09-14 17:50:44 ----A---- C:\WINDOWS\system32\rasdlg.dll
2017-09-14 17:50:44 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-09-14 17:50:43 ----A---- C:\WINDOWS\system32\rasplap.dll
2017-09-14 17:50:43 ----A---- C:\WINDOWS\system32\ntprint.dll
2017-09-14 17:50:43 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2017-09-14 17:50:42 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-09-14 17:50:41 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2017-09-14 17:50:41 ----A---- C:\WINDOWS\system32\spoolsv.exe
2017-09-14 17:50:41 ----A---- C:\WINDOWS\system32\ntprint.exe
2017-09-14 17:50:41 ----A---- C:\WINDOWS\system32\inetpp.dll
2017-09-14 17:50:40 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-09-14 17:50:40 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-09-14 17:50:39 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-09-14 17:50:39 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-09-14 17:50:39 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-09-14 17:50:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-09-14 17:50:38 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-09-14 17:50:38 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-09-14 17:50:37 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-09-14 17:50:37 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-14 17:50:36 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-09-14 17:50:34 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-09-14 17:50:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-09-14 17:50:33 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-09-14 17:50:33 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-09-14 17:50:33 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-09-14 17:50:33 ----A---- C:\WINDOWS\system32\wer.dll
2017-09-14 17:50:33 ----A---- C:\WINDOWS\system32\wc_storage.dll
2017-09-14 17:50:33 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-09-14 17:50:33 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-09-14 17:50:32 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-09-14 17:50:31 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-09-14 17:50:31 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-14 17:50:29 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-09-14 17:50:25 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-09-14 17:50:23 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-14 17:50:23 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-09-14 17:50:22 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2017-09-14 17:50:21 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-09-14 17:50:20 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2017-09-14 17:50:20 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2017-09-14 17:50:20 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-09-14 17:50:19 ----A---- C:\WINDOWS\system32\datamarketsvc.dll
2017-09-14 17:50:18 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-14 17:50:18 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-09-14 17:50:17 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-09-14 17:50:17 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-09-14 17:50:16 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-09-14 17:50:16 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-09-14 17:50:15 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-14 17:50:13 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-14 17:50:11 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-09-14 17:50:10 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-09-14 17:50:10 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-14 17:50:10 ----A---- C:\WINDOWS\system32\NotificationController.dll
2017-09-14 17:50:08 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-14 17:50:08 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-09-14 17:50:08 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-14 17:50:07 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-09-14 17:50:07 ----A---- C:\WINDOWS\system32\msIso.dll
2017-09-14 17:50:07 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-09-14 17:50:06 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-14 17:50:06 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-14 17:50:05 ----A---- C:\WINDOWS\system32\twinui.dll
2017-09-14 17:50:05 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-09-14 17:50:04 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-09-14 17:50:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-09-14 17:50:01 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-14 17:50:00 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-09-14 17:50:00 ----A---- C:\WINDOWS\explorer.exe
2017-09-14 17:49:59 ----A---- C:\WINDOWS\system32\wininet.dll
2017-09-14 17:49:58 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-09-14 17:49:58 ----A---- C:\WINDOWS\system32\combase.dll
2017-09-14 17:49:57 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-14 17:49:57 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-09-14 17:49:57 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-09-14 17:49:57 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-14 17:49:57 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-09-14 17:49:57 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-09-14 17:49:57 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-14 17:49:56 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-09-14 17:49:56 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-09-14 17:49:56 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-09-14 17:49:56 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-09-14 17:49:55 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-09-14 17:49:55 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-09-14 17:49:55 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-09-14 17:49:53 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-09-14 17:49:53 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-09-14 17:49:52 ----A---- C:\WINDOWS\system32\werui.dll
2017-09-14 17:49:52 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-09-14 17:49:52 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-09-14 17:49:51 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-09-14 17:49:51 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-14 17:49:50 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-09-14 17:49:50 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-09-14 17:49:50 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-14 17:49:49 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-09-14 17:49:49 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-09-14 17:49:49 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-09-14 17:49:48 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2017-09-14 17:49:48 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-09-14 17:49:48 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-09-14 17:49:48 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-09-14 17:49:47 ----A---- C:\WINDOWS\system32\shell32.dll
2017-09-14 17:49:43 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-09-14 17:49:42 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-09-14 17:49:42 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-09-14 17:49:41 ----A---- C:\WINDOWS\system32\wpx.dll
2017-09-14 17:49:40 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-09-14 17:49:40 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-14 17:49:40 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-14 17:49:40 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-09-14 17:49:39 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-14 17:49:39 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-09-14 17:49:39 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-09-14 17:49:38 ----A---- C:\WINDOWS\system32\rascustom.dll
2017-09-14 17:49:38 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-09-14 17:49:37 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-09-14 17:49:36 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-09-14 17:49:34 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2017-09-14 17:49:32 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-09-14 17:49:31 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-09-14 17:49:30 ----A---- C:\WINDOWS\system32\wevtapi.dll
2017-09-14 17:49:30 ----A---- C:\WINDOWS\system32\SHCore.dll
2017-09-14 17:49:29 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-09-14 17:49:29 ----A---- C:\WINDOWS\system32\user32.dll
2017-09-14 17:49:29 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2017-09-14 17:49:26 ----A---- C:\WINDOWS\system32\propsys.dll
2017-09-14 17:49:25 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2017-09-14 17:49:25 ----A---- C:\WINDOWS\system32\httpprxm.dll
2017-09-14 17:49:23 ----A---- C:\WINDOWS\system32\wisp.dll
2017-09-14 17:49:23 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-09-14 17:49:22 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-14 17:49:22 ----A---- C:\WINDOWS\system32\PhoneService.dll
2017-09-14 17:49:21 ----A---- C:\WINDOWS\system32\tdh.dll
2017-09-14 17:49:21 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-09-14 17:49:21 ----A---- C:\WINDOWS\system32\dinput8.dll
2017-09-14 17:49:20 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-09-14 17:49:19 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2017-09-14 17:49:19 ----A---- C:\WINDOWS\system32\csplte.dll
2017-09-14 17:49:18 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2017-09-14 17:49:18 ----A---- C:\WINDOWS\system32\nltest.exe
2017-09-14 17:49:16 ----A---- C:\WINDOWS\system32\win32u.dll
2017-09-14 17:49:16 ----A---- C:\WINDOWS\system32\tbs.dll
2017-09-14 17:49:16 ----A---- C:\WINDOWS\system32\setupapi.dll
2017-09-14 17:49:15 ----A---- C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-14 17:49:15 ----A---- C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-14 17:49:14 ----A---- C:\WINDOWS\system32\srpapi.dll
2017-09-14 17:49:14 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-09-14 17:49:14 ----A---- C:\WINDOWS\system32\appidapi.dll
2017-09-14 17:49:13 ----A---- C:\WINDOWS\system32\rasman.dll
2017-09-14 17:49:13 ----A---- C:\WINDOWS\system32\dab.dll
2017-09-14 17:49:12 ----A---- C:\WINDOWS\system32\win32k.sys
2017-09-14 17:49:12 ----A---- C:\WINDOWS\system32\dinput.dll
2017-09-14 17:49:11 ----A---- C:\WINDOWS\system32\wups.dll
2017-09-14 17:49:11 ----A---- C:\WINDOWS\system32\authz.dll
2017-09-14 17:49:11 ----A---- C:\WINDOWS\system32\appinfo.dll
2017-09-14 17:49:10 ----A---- C:\WINDOWS\system32\shdocvw.dll
2017-09-10 09:44:07 ----A---- C:\WINDOWS\system32\drivers\aswNetSec.sys
2017-09-10 09:43:56 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-09-03 19:01:51 ----D---- C:\mfe
2017-09-03 18:24:52 ----D---- C:\Program Files\VS Revo Group
2017-08-21 02:12:01 ----D---- C:\Users\Jana\AppData\Roaming\dvdcss
2017-08-17 23:55:21 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft

====== List of files/folders modified in the last 1 month ======

2017-09-16 18:15:43 ----D---- C:\WINDOWS\Prefetch
2017-09-16 18:15:37 ----RD---- C:\Program Files
2017-09-16 18:02:06 ----D---- C:\WINDOWS\system32\sru
2017-09-16 17:59:01 ----D---- C:\WINDOWS\Temp
2017-09-16 17:28:34 ----D---- C:\WINDOWS\system32\SleepStudy
2017-09-16 12:20:30 ----RD---- C:\WINDOWS\Microsoft.NET
2017-09-16 12:19:49 ----RD---- C:\WINDOWS\assembly
2017-09-16 12:07:20 ----D---- C:\WINDOWS\System32
2017-09-16 12:07:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-16 12:04:56 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-09-16 12:04:37 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-09-16 11:32:31 ----D---- C:\WINDOWS\system32\config
2017-09-16 11:25:18 ----D---- C:\WINDOWS\system32\DriverStore
2017-09-16 11:25:16 ----D---- C:\WINDOWS\WinSxS
2017-09-16 10:44:25 ----D---- C:\WINDOWS\system32\catroot2
2017-09-16 10:38:41 ----HD---- C:\ProgramData
2017-09-16 10:36:56 ----D---- C:\WINDOWS\AppReadiness
2017-09-16 10:34:02 ----D---- C:\WINDOWS\rescache
2017-09-15 14:31:23 ----HD---- C:\Program Files\WindowsApps
2017-09-15 00:04:28 ----D---- C:\Users\Jana\AppData\Roaming\vlc
2017-09-14 22:53:45 ----D---- C:\ProgramData\updater2
2017-09-14 22:34:54 ----D---- C:\WINDOWS\INF
2017-09-14 22:33:22 ----SHD---- C:\Boot
2017-09-14 19:12:09 ----D---- C:\Windows
2017-09-14 19:09:34 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-09-14 19:09:34 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-09-14 19:09:34 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-09-14 19:09:34 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-09-14 19:09:33 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-09-14 19:09:33 ----D---- C:\WINDOWS\SysWOW64
2017-09-14 19:09:26 ----SD---- C:\WINDOWS\system32\F12
2017-09-14 19:09:26 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-09-14 19:09:26 ----D---- C:\WINDOWS\system32\wbem
2017-09-14 19:09:26 ----D---- C:\WINDOWS\system32\setup
2017-09-14 19:09:26 ----D---- C:\WINDOWS\system32\en-US
2017-09-14 19:09:26 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-09-14 19:09:26 ----D---- C:\WINDOWS\system32\drivers
2017-09-14 19:09:26 ----D---- C:\WINDOWS\system32\cs-CZ
2017-09-14 19:09:25 ----D---- C:\WINDOWS\system32\cs
2017-09-14 19:09:24 ----D---- C:\WINDOWS\ShellExperiences
2017-09-14 19:09:23 ----D---- C:\Program Files\Windows Photo Viewer
2017-09-14 19:09:23 ----D---- C:\Program Files\Windows Mail
2017-09-14 19:09:23 ----D---- C:\Program Files\Internet Explorer
2017-09-14 19:09:23 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-09-14 19:09:23 ----D---- C:\Program Files (x86)\Windows Mail
2017-09-14 19:09:23 ----D---- C:\Program Files (x86)\Internet Explorer
2017-09-14 18:01:45 ----D---- C:\WINDOWS\system32\MRT
2017-09-14 18:01:35 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-09-14 18:01:31 ----D---- C:\WINDOWS\CbsTemp
2017-09-12 16:34:58 ----SHD---- C:\System Volume Information
2017-09-12 14:54:41 ----D---- C:\WINDOWS\system32\Macromed
2017-09-12 14:54:38 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-09-10 12:17:34 ----D---- C:\Users\Jana\AppData\Roaming\.minecraft
2017-09-10 09:45:50 ----A---- C:\WINDOWS\system32\ServiceFilter.ini
2017-09-10 09:44:32 ----D---- C:\WINDOWS\system32\Tasks
2017-09-05 21:06:09 ----SHD---- C:\WINDOWS\Installer
2017-09-05 21:06:09 ----D---- C:\ProgramData\Skype
2017-09-05 21:05:55 ----RD---- C:\Program Files (x86)\Skype
2017-09-05 21:05:55 ----D---- C:\Program Files (x86)\Common Files
2017-09-03 19:01:50 ----SH---- C:\Program Files (x86)\desktop.ini
2017-09-03 19:01:50 ----RD---- C:\Users
2017-09-03 19:01:50 ----RD---- C:\Program Files (x86)
2017-09-03 18:58:44 ----D---- C:\WINDOWS\Tasks
2017-09-03 18:58:39 ----D---- C:\Program Files\Common Files
2017-09-03 18:30:09 ----DC---- C:\WINDOWS\Panther
2017-09-03 18:30:08 ----D---- C:\WINDOWS\Minidump
2017-09-03 18:30:08 ----D---- C:\WINDOWS\LiveKernelReports
2017-09-03 18:13:46 ----SD---- C:\ProgramData\Microsoft
2017-09-03 18:11:33 ----D---- C:\Users\Jana\AppData\Roaming\uTorrent
2017-09-03 18:09:00 ----D---- C:\AdwCleaner
2017-09-02 17:15:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-08-31 15:10:50 ----D---- C:\Users\Jana\AppData\Roaming\Kodi
2017-08-18 00:15:45 ----D---- C:\WINDOWS\system32\NDF

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-09-03 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-09-03 343296]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-09-03 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-09-03 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-09-03 361336]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-09-03 320528]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-03 41832]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2017-09-10 555072]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-09-03 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-09-03 1016384]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-09-03 590880]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 MpKsl26359ac2;MpKsl26359ac2; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE4AC1A3-9755-4077-A7C1-0D7ED27F6DB2}\MpKsl26359ac2.sys [2017-09-16 44928]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-09-03 147784]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-09-03 199312]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 AtiHDAudioService;@oem8.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 dtlitescsibus;@oem11.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-01-30 30264]
R3 dtliteusbbus;@oem1.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-01-30 47672]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2017-03-18 121344]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2017-07-18 177664]
R3 netr28x;@netr28x.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\System32\drivers\netr28x.sys [2017-03-18 2537984]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-09-03 47016]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-07-18 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 255472]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-03 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-09-03 275208]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-09-10 322976]
R2 CDPUserSvc_c6137d;Uživatelská služba platformy připojených zařízení_c6137d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-07-18 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 OneSyncSvc_c6137d;Hostitel synchronizace_c6137d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-18 336320]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-09-03 7452288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_c6137d;Tok zařízení_c6137d; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-12-22 1471168]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_c6137d;Služba zasílání zpráv_c6137d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 PimIndexMaintenanceSvc_c6137d;Data kontaktů_c6137d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 16 zář 2017 17:46 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 100938
Bydliště: Plzeň
Zdravím!
Spusťte tuto utilitu:

Citace:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 16 zář 2017 17:58 
Offline
Vzorný návštěvník
Vzorný návštěvník

Registrován: 21 kvě 2008 10:42
Příspěvky: 121
Bydliště: Ostrava
# AdwCleaner 7.0.2.1 - Logfile created on Sat Sep 16 16:51:46 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\host\Documents\PCSpeedUp
Deleted: C:\Users\Public\Documents\Downloaded Installers
Deleted: C:\ProgramData\DriverSetupUtility
Deleted: C:\Program Files\DriverSetupUtility
Deleted: C:\Users\All Users\DriverSetupUtility
Deleted: C:\Users\host\AppData\Local\\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Deleted: C:\Users\host\AppData\Local\AskPartnerNetwork
Deleted: C:\Users\host\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Deleted: C:\ProgramData\SlimWare Utilities, Inc
Deleted: C:\Users\All Users\SlimWare Utilities, Inc


***** [ Files ] *****

Deleted: C:\Users\Jana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Facebook.lnk
Deleted: C:\Users\host\Documents\PCSpeedUp-Silent-Update.exe
Deleted: C:\Users\host\Documents\PCSUUpdate.exe


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1605 B] - [2016/6/2 15:43:37]
C:/AdwCleaner/AdwCleaner[C2].txt - [1651 B] - [2016/7/24 9:30:43]
C:/AdwCleaner/AdwCleaner[C3].txt - [3291 B] - [2017/4/30 9:51:0]
C:/AdwCleaner/AdwCleaner[S1].txt - [1380 B] - [2016/5/13 21:15:53]
C:/AdwCleaner/AdwCleaner[S2].txt - [1492 B] - [2016/6/2 15:41:28]
C:/AdwCleaner/AdwCleaner[S3].txt - [1377 B] - [2016/6/11 13:42:50]
C:/AdwCleaner/AdwCleaner[S4].txt - [1452 B] - [2016/7/24 9:28:23]
C:/AdwCleaner/AdwCleaner[S5].txt - [2945 B] - [2017/4/30 9:50:37]


########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 16 zář 2017 19:12 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 100938
Bydliště: Plzeň
Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 08 říj 2017 07:19 
Offline
Vzorný návštěvník
Vzorný návštěvník

Registrován: 21 kvě 2008 10:42
Příspěvky: 121
Bydliště: Ostrava
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2014 (ATTENTION: ====> FRST version is 1085 days old and could be outdated)
Ran by Jana (administrator) on JANA-PC on 08-10-2017 08:15:42
Running from C:\Users\host\Desktop
Loaded Profile: Jana (Available profiles: Jana & DefaultAppPool)
Platform: Windows 10 Home (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2015-08-13] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-25] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKLM-x32\...\Winlogon: [Userinit] [X]
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\Run: [GSplay.exe] => C:\Users\Jana\Desktop\GSplay.exe [4772747 2017-02-01] ()
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781731-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781768-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e78178e-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781795-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e7817ac-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0x875B6EFC8FE5D101
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

Chrome:
=======
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-13]
CHR Extension: (Please enter your password) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-05-13]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-13]
CHR Extension: (Google Search) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-13]
CHR Extension: (Google Sheets) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-13]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-13]
CHR Extension: (AdBlock) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-13]
CHR Extension: (Reklamní-Kupony.cz - slevové kupony) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkkmaoibnpgeoicicbjpcklbkdickdcj [2016-05-13]
CHR Extension: (Instant Mirror) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfojfpgdlapjkpehegmfpcpbfnddpbab [2016-05-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-13]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Avast SafePrice) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-07-03]
CHR Extension: (Google Sheets) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-14]
CHR Extension: (Avast Online Security) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-07-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-14]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2017-03-18] (Microsoft Corporation)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-03] (AVAST Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [431616 2017-09-05] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [970240 2017-07-18] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [872472 2017-09-05] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [923040 2017-09-05] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [583160 2017-09-05] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2017-03-18] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [86528 2017-03-18] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [2516480 2017-09-05] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [536064 2017-07-28] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [394240 2017-08-01] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [55296 2017-03-18] (Microsoft Corporation)
S2 DoSvc; C:\Windows\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
S2 DoSvc; C:\Windows\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [149504 2017-03-18] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [302592 2017-03-18] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [149504 2017-07-18] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [301056 2017-07-18] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [600576 2017-07-28] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [59800 2017-03-18] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [210432 2017-03-18] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [64000 2017-03-18] (Microsoft Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [69632 2017-03-18] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [43520 2017-03-18] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26624 2017-03-18] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [90624 2017-03-18] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2017-07-18] (Microsoft Corporation)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [723968 2017-03-18] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [657408 2017-09-05] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [261632 2017-03-18] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [491520 2017-09-05] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [1046016 2017-09-05] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [773120 2017-09-05] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [647168 2017-07-18] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [152576 2017-03-18] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [336320 2017-07-18] (Microsoft Corporation)
S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1191424 2017-03-18] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [548864 2017-07-18] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [192512 2017-07-18] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2017-03-18] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [582656 2017-08-01] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [5302968 2017-07-28] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4213656 2017-07-28] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [632832 2017-07-18] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [165888 2017-03-18] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1052160 2017-08-01] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [798208 2017-08-01] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95744 2017-03-18] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [877568 2017-03-18] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [681984 2017-07-18] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [307712 2017-03-18] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [283648 2017-03-18] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [307712 2017-03-18] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [82432 2017-07-18] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [559104 2017-07-18] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [428032 2017-03-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [555008 2017-07-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-18] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [699904 2017-07-28] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1298432 2017-07-28] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [276480 2017-03-18] (Microsoft Corporation)
S3 xbgm; C:\Windows\System32\xbgmsvc.dll [301216 2017-03-18] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1015296 2017-07-28] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1135104 2017-03-18] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [18944 2017-03-18] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1067008 2017-07-18] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2017-03-18] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [17920 2017-03-18] (Microsoft Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-03] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361784 2017-09-30] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533920 2017-03-18] (QLogic Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39424 2017-09-05] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [53664 2017-03-18] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [122880 2017-03-18] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_1c43f74; No ImagePath
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [347032 2017-03-18] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104224 2017-03-18] (Chelsio Communications)
S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [12288 2017-03-18] (Microsoft Corporation)
R2 clreg; C:\Windows\System32\drivers\registry.sys [14336 2017-03-18] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39840 2017-03-18] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys [40448 2017-03-18] (Microsoft Corporation)
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_1c43f74; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-30] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-30] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419040 2017-03-18] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [54272 2017-03-18] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [21504 2017-03-18] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2017-03-18] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [51104 2017-03-18] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [74648 2017-03-18] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2017-03-18] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2017-03-18] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [70656 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165376 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526240 2017-03-18] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [36864 2017-03-18] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [49568 2017-03-18] (Microsoft Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [123808 2017-03-18] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [103328 2017-03-18] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [405408 2017-03-18] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [51104 2017-03-18] (Microsoft Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59808 2017-03-18] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64416 2017-03-18] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_1c43f74; No ImagePath
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842656 2017-03-18] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [50688 2017-03-18] (Microsoft Corporation)
R1 MpKsl26359ac2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE4AC1A3-9755-4077-A7C1-0D7ED27F6DB2}\MpKsl26359ac2.sys [44928 2017-09-16] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [177664 2017-07-18] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108960 2017-03-18] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [122368 2017-03-18] (Microsoft Corporation)
R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [118784 2017-07-18] (Microsoft Corporation)
S3 nvdimmn; C:\Windows\System32\drivers\nvdimmn.sys [80896 2017-03-18] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_1c43f74; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58784 2017-03-18] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2017-03-18] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
S3 PimIndexMaintenanceSvc_1c43f74; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [101376 2017-03-18] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [936864 2017-03-18] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [91040 2017-03-18] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [40352 2017-03-20] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [79872 2017-03-18] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [36760 2017-03-18] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [104960 2017-09-05] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [179200 2017-03-18] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [51712 2017-07-28] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2017-03-18] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263584 2017-03-18] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98712 2017-03-18] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [138656 2017-03-18] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
S3 UnistoreSvc_1c43f74; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29600 2017-03-18] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [59288 2017-03-18] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2017-03-18] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
S3 UserDataSvc_1c43f74; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [35328 2017-03-18] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2017-03-18] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2017-03-18] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [142752 2017-07-18] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [72192 2017-03-18] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [757248 2017-07-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [70232 2017-03-18] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18520 2017-03-18] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32160 2017-03-18] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [217088 2017-03-18] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2017-03-18] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_1c43f74; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [277504 2017-07-18] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2017-03-18] (Microsoft Corporation)
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: dosvc -> No ServiceDLL Path.
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: xbgm -> C:\Windows\System32\xbgmsvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File.

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2017-10-08 08:15 - 2017-10-08 08:15 - 00000000 ____D () C:\FRST
2017-10-07 16:53 - 2017-10-07 16:53 - 00000000 ____D () C:\ProgramData\SWCUTemp
2017-09-30 11:28 - 2017-09-30 11:28 - 00001981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-09-30 11:28 - 2017-09-30 11:28 - 00001969 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-09-30 11:27 - 2017-09-03 19:55 - 00401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-23 12:12 - 2017-09-23 12:12 - 00811576 _____ (Roblox Corporation) C:\Users\Jana\Downloads\RobloxPlayerLauncher (1).exe
2017-09-16 18:46 - 2017-09-16 18:46 - 08182736 _____ (Malwarebytes) C:\Users\Jana\Desktop\adwcleaner_7.0.2.1.exe
2017-09-16 18:15 - 2017-09-16 18:15 - 00000000 ____D () C:\rsit
2017-09-16 18:15 - 2017-09-16 18:15 - 00000000 ____D () C:\Program Files\trend micro
2017-09-16 18:14 - 2017-09-16 18:14 - 01329152 _____ () C:\Users\Jana\Desktop\RSITx64.exe
2017-09-14 17:52 - 2017-09-05 07:12 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-14 17:52 - 2017-09-05 07:12 - 00627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-14 17:52 - 2017-09-05 06:53 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-14 17:52 - 2017-09-05 06:52 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-14 17:52 - 2017-09-05 06:46 - 04471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-14 17:52 - 2017-09-05 06:45 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-14 17:52 - 2017-09-05 06:45 - 02476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-14 17:52 - 2017-09-05 06:45 - 02166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-14 17:52 - 2017-09-05 06:45 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-14 17:52 - 2017-09-05 06:45 - 00085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-14 17:52 - 2017-09-05 06:43 - 00611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-14 17:52 - 2017-09-05 06:43 - 00359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-14 17:52 - 2017-09-05 06:43 - 00280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-14 17:52 - 2017-09-05 06:43 - 00169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-14 17:52 - 2017-09-05 06:42 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-14 17:52 - 2017-09-05 06:42 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-14 17:52 - 2017-09-05 06:42 - 00182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-14 17:52 - 2017-09-05 06:41 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-14 17:52 - 2017-09-05 06:41 - 06761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-14 17:52 - 2017-09-05 06:41 - 04671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-14 17:52 - 2017-09-05 06:37 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-14 17:52 - 2017-09-05 06:26 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-14 17:52 - 2017-09-05 06:26 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-14 17:52 - 2017-09-05 06:25 - 13844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-14 17:52 - 2017-09-05 06:25 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-14 17:52 - 2017-09-05 06:24 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-14 17:52 - 2017-09-05 06:23 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-14 17:52 - 2017-09-05 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-14 17:52 - 2017-09-05 06:21 - 06728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-14 17:52 - 2017-09-05 06:20 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-14 17:52 - 2017-09-05 06:19 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-14 17:52 - 2017-09-05 06:18 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-14 17:52 - 2017-09-05 06:16 - 05961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-14 17:52 - 2017-09-05 06:16 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 00657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-14 17:52 - 2017-09-05 06:14 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-14 17:52 - 2017-09-05 06:14 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-14 17:52 - 2017-09-05 06:13 - 07598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-14 17:52 - 2017-09-05 06:13 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-14 17:52 - 2017-09-05 06:12 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-14 17:52 - 2017-09-05 06:12 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-14 17:52 - 2017-09-05 06:12 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-14 17:52 - 2017-09-05 06:10 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-14 17:52 - 2017-09-05 06:10 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-14 17:52 - 2017-09-05 06:10 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-14 17:52 - 2017-09-05 06:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-14 17:52 - 2017-09-05 06:04 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-14 17:52 - 2017-09-05 06:04 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-14 17:51 - 2017-09-05 07:30 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-14 17:51 - 2017-09-05 07:27 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-14 17:51 - 2017-09-05 07:24 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-14 17:51 - 2017-09-05 07:23 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-14 17:51 - 2017-09-05 07:21 - 00189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-14 17:51 - 2017-09-05 07:18 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-14 17:51 - 2017-09-05 07:16 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-14 17:51 - 2017-09-05 07:14 - 04708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-14 17:51 - 2017-09-05 07:14 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-14 17:51 - 2017-09-05 07:12 - 01292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-14 17:51 - 2017-09-05 07:12 - 00081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-14 17:51 - 2017-09-05 07:11 - 02675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-14 17:51 - 2017-09-05 06:50 - 04330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-14 17:51 - 2017-09-05 06:45 - 23679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-14 17:51 - 2017-09-05 06:44 - 00569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-14 17:51 - 2017-09-05 06:43 - 00042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-14 17:51 - 2017-09-05 06:42 - 00703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-14 17:51 - 2017-09-05 06:42 - 00291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-14 17:51 - 2017-09-05 06:41 - 01106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-14 17:51 - 2017-09-05 06:41 - 01013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-14 17:51 - 2017-09-05 06:40 - 00052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-14 17:51 - 2017-09-05 06:28 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-14 17:51 - 2017-09-05 06:28 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-14 17:51 - 2017-09-05 06:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-14 17:51 - 2017-09-05 06:27 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-14 17:51 - 2017-09-05 06:26 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-14 17:51 - 2017-09-05 06:26 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-14 17:51 - 2017-09-05 06:25 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-14 17:51 - 2017-09-05 06:25 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-14 17:51 - 2017-09-05 06:24 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-14 17:51 - 2017-09-05 06:24 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-14 17:51 - 2017-09-05 06:24 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-14 17:51 - 2017-09-05 06:23 - 20509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-14 17:51 - 2017-09-05 06:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-14 17:51 - 2017-09-05 06:23 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 23684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 01178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-14 17:51 - 2017-09-05 06:20 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-14 17:51 - 2017-09-05 06:19 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 08213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 08207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-14 17:51 - 2017-09-05 06:16 - 00844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-14 17:51 - 2017-09-05 06:16 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-14 17:51 - 2017-09-05 06:16 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-14 17:51 - 2017-09-05 06:15 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-14 17:51 - 2017-09-05 06:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-14 17:51 - 2017-09-05 06:15 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-14 17:51 - 2017-09-05 06:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-14 17:51 - 2017-09-05 06:10 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-14 17:51 - 2017-09-05 06:06 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-14 17:51 - 2017-09-05 06:06 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-14 17:50 - 2017-09-05 07:31 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-14 17:50 - 2017-09-05 07:27 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-14 17:50 - 2017-09-05 07:26 - 08319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-14 17:50 - 2017-09-05 07:26 - 01930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-14 17:50 - 2017-09-05 07:25 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-14 17:50 - 2017-09-05 07:25 - 00159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-14 17:50 - 2017-09-05 07:24 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-14 17:50 - 2017-09-05 07:19 - 04848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-14 17:50 - 2017-09-05 07:18 - 07326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 02972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 02647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 00212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-14 17:50 - 2017-09-05 07:17 - 00316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-14 17:50 - 2017-09-05 07:16 - 00724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-14 17:50 - 2017-09-05 07:16 - 00410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-14 17:50 - 2017-09-05 07:16 - 00182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-14 17:50 - 2017-09-05 07:15 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 07907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 01146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 00958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-14 17:50 - 2017-09-05 07:11 - 00610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-14 17:50 - 2017-09-05 07:11 - 00387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-14 17:50 - 2017-09-05 06:53 - 01620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-14 17:50 - 2017-09-05 06:31 - 03668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-14 17:50 - 2017-09-05 06:30 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-14 17:50 - 2017-09-05 06:29 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-14 17:50 - 2017-09-05 06:28 - 17371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-14 17:50 - 2017-09-05 06:28 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-14 17:50 - 2017-09-05 06:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-14 17:50 - 2017-09-05 06:26 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-14 17:50 - 2017-09-05 06:25 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-14 17:50 - 2017-09-05 06:24 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-14 17:50 - 2017-09-05 06:24 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-14 17:50 - 2017-09-05 06:23 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-14 17:50 - 2017-09-05 06:23 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-14 17:50 - 2017-09-05 06:22 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-14 17:50 - 2017-09-05 06:22 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-14 17:50 - 2017-09-05 06:22 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-14 17:50 - 2017-09-05 06:22 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-14 17:50 - 2017-09-05 06:21 - 01051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-14 17:50 - 2017-09-05 06:21 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-14 17:50 - 2017-09-05 06:21 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 07337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-14 17:50 - 2017-09-05 06:19 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 12801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 02078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-14 17:50 - 2017-09-05 06:18 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-14 17:50 - 2017-09-05 06:18 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-14 17:50 - 2017-09-05 06:17 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-14 17:50 - 2017-09-05 06:17 - 01397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-14 17:50 - 2017-09-05 06:17 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-14 17:50 - 2017-09-05 06:16 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 02503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 01077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-14 17:50 - 2017-09-05 06:15 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 11887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-14 17:50 - 2017-09-05 06:13 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-14 17:50 - 2017-09-05 06:12 - 06265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-14 17:50 - 2017-09-05 06:11 - 03654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-14 17:50 - 2017-09-05 06:07 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-14 17:50 - 2017-09-05 06:07 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-14 17:50 - 2017-09-01 07:55 - 00031932 _____ () C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-14 17:49 - 2017-09-05 07:31 - 01596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-14 17:49 - 2017-09-05 07:31 - 01346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-14 17:49 - 2017-09-05 07:31 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-14 17:49 - 2017-09-05 07:31 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-14 17:49 - 2017-09-05 07:31 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-14 17:49 - 2017-09-05 07:31 - 00115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-14 17:49 - 2017-09-05 07:23 - 04462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-14 17:49 - 2017-09-05 07:20 - 01057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-14 17:49 - 2017-09-05 07:19 - 02443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-14 17:49 - 2017-09-05 07:18 - 01668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-14 17:49 - 2017-09-05 07:18 - 00685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-14 17:49 - 2017-09-05 07:16 - 01320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-14 17:49 - 2017-09-05 07:16 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-14 17:49 - 2017-09-05 07:16 - 00715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-14 17:49 - 2017-09-05 07:16 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-14 17:49 - 2017-09-05 07:16 - 00049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 00871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 00381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 00257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-14 17:49 - 2017-09-05 07:14 - 21352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-14 17:49 - 2017-09-05 07:13 - 01619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-14 17:49 - 2017-09-05 07:13 - 00064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 01639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-14 17:49 - 2017-09-05 06:30 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-14 17:49 - 2017-09-05 06:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-14 17:49 - 2017-09-05 06:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-14 17:49 - 2017-09-05 06:27 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-14 17:49 - 2017-09-05 06:27 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-14 17:49 - 2017-09-05 06:26 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-14 17:49 - 2017-09-05 06:23 - 00739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-14 17:49 - 2017-09-05 06:23 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-14 17:49 - 2017-09-05 06:23 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-14 17:49 - 2017-09-05 06:23 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-14 17:49 - 2017-09-05 06:21 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-14 17:49 - 2017-09-05 06:21 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-14 17:49 - 2017-09-05 06:20 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-14 17:49 - 2017-09-05 06:20 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-14 17:49 - 2017-09-05 06:19 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-14 17:49 - 2017-09-05 06:19 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-14 17:49 - 2017-09-05 06:17 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 02805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-14 17:49 - 2017-09-05 06:15 - 01736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 01460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-14 17:49 - 2017-09-05 06:14 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-14 17:49 - 2017-09-05 06:14 - 00986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-14 17:49 - 2017-09-05 06:14 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-14 17:49 - 2017-09-05 06:13 - 01802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-14 17:49 - 2017-09-05 06:13 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-14 17:49 - 2017-09-05 06:12 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-14 17:49 - 2017-09-05 06:11 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-14 17:49 - 2017-09-05 06:09 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-14 17:21 - 2017-09-14 18:11 - 925633060 _____ () C:\Users\Jana\Downloads\Lidská-stonožka-1-CZ-tit.---by-Baggio88.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2017-10-08 08:16 - 2014-10-19 17:17 - 00037071 _____ () C:\Users\host\Desktop\FRST.txt
2017-10-08 08:11 - 2017-07-18 17:59 - 00004192 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8BA9F51F-28D5-46AF-97BD-F403D23B84AA}
2017-10-08 08:08 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\sru
2017-10-08 08:08 - 2016-05-16 13:40 - 00000380 _____ () C:\Users\Jana\AppData\Roaming\sp_data.sys
2017-10-08 01:51 - 2017-07-18 17:39 - 00000000 ____D () C:\Users\Jana
2017-10-07 22:11 - 2016-05-13 21:17 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\Kodi
2017-10-07 22:10 - 2017-07-18 17:32 - 00000000 ____D () C:\WINDOWS\system32\SleepStudy
2017-10-06 20:58 - 2017-02-01 19:21 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\.minecraft
2017-10-06 20:57 - 2017-02-01 19:35 - 00000000 ____D () C:\Users\Jana\GSplay
2017-10-06 14:22 - 2016-05-13 23:01 - 00000275 _____ () C:\WINDOWS\WindowsUpdate.log
2017-10-06 14:18 - 2017-07-18 17:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2017-10-06 14:08 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\AppReadiness
2017-10-05 18:06 - 2016-12-18 15:53 - 00001469 _____ () C:\Users\Jana\Desktop\Roblox Player.lnk
2017-10-05 18:06 - 2016-12-18 15:52 - 00001284 _____ () C:\Users\Jana\Desktop\Roblox Studio.lnk
2017-10-05 18:06 - 2016-12-18 15:52 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-10-04 17:55 - 2017-07-18 17:59 - 00004154 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1498841812
2017-10-01 23:26 - 2016-10-02 17:43 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\vlc
2017-10-01 12:55 - 2017-07-18 17:39 - 00000000 ____D () C:\Users\DefaultAppPool
2017-09-30 19:05 - 2016-10-02 18:15 - 00022678 _____ () C:\WINDOWS\PFRO.log
2017-09-30 11:28 - 2017-07-18 17:59 - 00004006 _____ () C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1498842471
2017-09-30 11:28 - 2017-06-30 19:08 - 00001090 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-30 11:27 - 2017-08-04 20:52 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-09-30 11:27 - 2017-07-18 17:59 - 00003994 _____ () C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-09-30 11:27 - 2017-06-30 19:03 - 00361784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-09-28 11:00 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\NDF
2017-09-27 19:53 - 2012-02-24 13:40 - 00002274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-22 10:00 - 2017-08-04 16:02 - 00003358 _____ () C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2566585407-4284200854-934862898-1001
2017-09-22 10:00 - 2016-05-28 11:19 - 00002425 _____ () C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-22 10:00 - 2016-05-28 11:19 - 00000000 ___RD () C:\Users\Jana\OneDrive
2017-09-18 16:56 - 2017-06-30 19:03 - 00199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-09-16 19:00 - 2017-07-18 17:38 - 02229956 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-16 19:00 - 2017-03-20 06:43 - 00940656 _____ () C:\WINDOWS\system32\perfh005.dat
2017-09-16 19:00 - 2017-03-20 06:43 - 00221478 _____ () C:\WINDOWS\system32\perfc005.dat
2017-09-16 18:52 - 2017-03-18 13:40 - 01048576 _____ () C:\WINDOWS\system32\config\BBI
2017-09-16 18:47 - 2016-05-13 23:15 - 00000000 ____D () C:\AdwCleaner
2017-09-16 12:04 - 2016-06-02 17:56 - 00544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-09-16 10:34 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\rescache
2017-09-14 22:53 - 2017-07-15 17:10 - 00000000 ____D () C:\ProgramData\updater2
2017-09-14 22:32 - 2017-07-18 17:32 - 00217328 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-14 19:09 - 2017-03-20 06:43 - 00000000 ____D () C:\WINDOWS\system32\cs
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ___SD () C:\WINDOWS\SysWOW64\F12
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ___SD () C:\WINDOWS\system32\F12
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\setup
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\ShellExperiences
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2017-09-14 18:04 - 2016-06-02 20:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2017-09-14 18:01 - 2017-03-18 22:51 - 00000000 ____D () C:\WINDOWS\CbsTemp
2017-09-14 18:01 - 2016-06-02 20:05 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-12 14:55 - 2017-07-18 17:59 - 00004648 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-12 14:54 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed
2017-09-12 14:54 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2017-09-10 09:45 - 2015-08-14 06:39 - 00001582 _____ () C:\WINDOWS\system32\ServiceFilter.ini

Some content of TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-10-05 19:03

==================== End Of Log ============================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 08 říj 2017 07:19 
Offline
Vzorný návštěvník
Vzorný návštěvník

Registrován: 21 kvě 2008 10:42
Příspěvky: 121
Bydliště: Ostrava
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2014 (ATTENTION: ====> FRST version is 1085 days old and could be outdated)
Ran by Jana (administrator) on JANA-PC on 08-10-2017 08:15:42
Running from C:\Users\host\Desktop
Loaded Profile: Jana (Available profiles: Jana & DefaultAppPool)
Platform: Windows 10 Home (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2015-08-13] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-25] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKLM-x32\...\Winlogon: [Userinit] [X]
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\Run: [GSplay.exe] => C:\Users\Jana\Desktop\GSplay.exe [4772747 2017-02-01] ()
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781731-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781768-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e78178e-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781795-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e7817ac-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 0x875B6EFC8FE5D101
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll (Microsoft Corporation)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

Chrome:
=======
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-13]
CHR Extension: (Please enter your password) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-05-13]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-13]
CHR Extension: (Google Search) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-13]
CHR Extension: (Google Sheets) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-13]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-13]
CHR Extension: (AdBlock) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-13]
CHR Extension: (Reklamní-Kupony.cz - slevové kupony) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkkmaoibnpgeoicicbjpcklbkdickdcj [2016-05-13]
CHR Extension: (Instant Mirror) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfojfpgdlapjkpehegmfpcpbfnddpbab [2016-05-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-13]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-13]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Avast SafePrice) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-07-03]
CHR Extension: (Google Sheets) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-14]
CHR Extension: (Avast Online Security) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-07-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-14]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2017-03-18] (Microsoft Corporation)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-03] (AVAST Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [431616 2017-09-05] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [970240 2017-07-18] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [872472 2017-09-05] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [923040 2017-09-05] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [583160 2017-09-05] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2017-03-18] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [86528 2017-03-18] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [2516480 2017-09-05] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [536064 2017-07-28] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [394240 2017-08-01] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [55296 2017-03-18] (Microsoft Corporation)
S2 DoSvc; C:\Windows\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
S2 DoSvc; C:\Windows\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [149504 2017-03-18] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [302592 2017-03-18] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [149504 2017-07-18] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [301056 2017-07-18] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [600576 2017-07-28] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [59800 2017-03-18] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [210432 2017-03-18] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [64000 2017-03-18] (Microsoft Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [69632 2017-03-18] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [43520 2017-03-18] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26624 2017-03-18] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [90624 2017-03-18] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2017-07-18] (Microsoft Corporation)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [723968 2017-03-18] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [657408 2017-09-05] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [261632 2017-03-18] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [491520 2017-09-05] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [1046016 2017-09-05] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [773120 2017-09-05] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [647168 2017-07-18] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [152576 2017-03-18] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [336320 2017-07-18] (Microsoft Corporation)
S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1191424 2017-03-18] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [548864 2017-07-18] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [192512 2017-07-18] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2017-03-18] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [582656 2017-08-01] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [5302968 2017-07-28] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4213656 2017-07-28] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [632832 2017-07-18] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [165888 2017-03-18] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1052160 2017-08-01] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [798208 2017-08-01] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95744 2017-03-18] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [877568 2017-03-18] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [681984 2017-07-18] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [307712 2017-03-18] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [283648 2017-03-18] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [307712 2017-03-18] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [82432 2017-07-18] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [559104 2017-07-18] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [428032 2017-03-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [555008 2017-07-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-18] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [699904 2017-07-28] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1298432 2017-07-28] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [276480 2017-03-18] (Microsoft Corporation)
S3 xbgm; C:\Windows\System32\xbgmsvc.dll [301216 2017-03-18] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1015296 2017-07-28] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1135104 2017-03-18] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [18944 2017-03-18] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1067008 2017-07-18] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2017-03-18] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [17920 2017-03-18] (Microsoft Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-03] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361784 2017-09-30] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533920 2017-03-18] (QLogic Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39424 2017-09-05] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [53664 2017-03-18] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [122880 2017-03-18] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_1c43f74; No ImagePath
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [347032 2017-03-18] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104224 2017-03-18] (Chelsio Communications)
S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [12288 2017-03-18] (Microsoft Corporation)
R2 clreg; C:\Windows\System32\drivers\registry.sys [14336 2017-03-18] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39840 2017-03-18] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys [40448 2017-03-18] (Microsoft Corporation)
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_1c43f74; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-30] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-30] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419040 2017-03-18] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [54272 2017-03-18] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [21504 2017-03-18] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2017-03-18] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [51104 2017-03-18] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [74648 2017-03-18] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2017-03-18] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2017-03-18] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [70656 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165376 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526240 2017-03-18] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [36864 2017-03-18] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [49568 2017-03-18] (Microsoft Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [123808 2017-03-18] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [103328 2017-03-18] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [405408 2017-03-18] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [51104 2017-03-18] (Microsoft Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59808 2017-03-18] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64416 2017-03-18] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_1c43f74; No ImagePath
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842656 2017-03-18] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [50688 2017-03-18] (Microsoft Corporation)
R1 MpKsl26359ac2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE4AC1A3-9755-4077-A7C1-0D7ED27F6DB2}\MpKsl26359ac2.sys [44928 2017-09-16] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [177664 2017-07-18] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108960 2017-03-18] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [122368 2017-03-18] (Microsoft Corporation)
R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [118784 2017-07-18] (Microsoft Corporation)
S3 nvdimmn; C:\Windows\System32\drivers\nvdimmn.sys [80896 2017-03-18] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_1c43f74; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58784 2017-03-18] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2017-03-18] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
S3 PimIndexMaintenanceSvc_1c43f74; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [101376 2017-03-18] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [936864 2017-03-18] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [91040 2017-03-18] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [40352 2017-03-20] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [79872 2017-03-18] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [36760 2017-03-18] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [104960 2017-09-05] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [179200 2017-03-18] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [51712 2017-07-28] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2017-03-18] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263584 2017-03-18] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98712 2017-03-18] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [138656 2017-03-18] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
S3 UnistoreSvc_1c43f74; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29600 2017-03-18] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [59288 2017-03-18] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2017-03-18] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
S3 UserDataSvc_1c43f74; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [35328 2017-03-18] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2017-03-18] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2017-03-18] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [142752 2017-07-18] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [72192 2017-03-18] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [757248 2017-07-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [70232 2017-03-18] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18520 2017-03-18] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32160 2017-03-18] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [217088 2017-03-18] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2017-03-18] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_1c43f74; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [277504 2017-07-18] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2017-03-18] (Microsoft Corporation)
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: dosvc -> No ServiceDLL Path.
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: xbgm -> C:\Windows\System32\xbgmsvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File.

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2017-10-08 08:15 - 2017-10-08 08:15 - 00000000 ____D () C:\FRST
2017-10-07 16:53 - 2017-10-07 16:53 - 00000000 ____D () C:\ProgramData\SWCUTemp
2017-09-30 11:28 - 2017-09-30 11:28 - 00001981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-09-30 11:28 - 2017-09-30 11:28 - 00001969 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-09-30 11:27 - 2017-09-03 19:55 - 00401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-23 12:12 - 2017-09-23 12:12 - 00811576 _____ (Roblox Corporation) C:\Users\Jana\Downloads\RobloxPlayerLauncher (1).exe
2017-09-16 18:46 - 2017-09-16 18:46 - 08182736 _____ (Malwarebytes) C:\Users\Jana\Desktop\adwcleaner_7.0.2.1.exe
2017-09-16 18:15 - 2017-09-16 18:15 - 00000000 ____D () C:\rsit
2017-09-16 18:15 - 2017-09-16 18:15 - 00000000 ____D () C:\Program Files\trend micro
2017-09-16 18:14 - 2017-09-16 18:14 - 01329152 _____ () C:\Users\Jana\Desktop\RSITx64.exe
2017-09-14 17:52 - 2017-09-05 07:12 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-14 17:52 - 2017-09-05 07:12 - 00627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-14 17:52 - 2017-09-05 06:53 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-14 17:52 - 2017-09-05 06:52 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-14 17:52 - 2017-09-05 06:46 - 04471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-14 17:52 - 2017-09-05 06:45 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-14 17:52 - 2017-09-05 06:45 - 02476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-14 17:52 - 2017-09-05 06:45 - 02166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-14 17:52 - 2017-09-05 06:45 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-14 17:52 - 2017-09-05 06:45 - 00085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-14 17:52 - 2017-09-05 06:43 - 00611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-14 17:52 - 2017-09-05 06:43 - 00359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-14 17:52 - 2017-09-05 06:43 - 00280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-14 17:52 - 2017-09-05 06:43 - 00169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-14 17:52 - 2017-09-05 06:42 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-14 17:52 - 2017-09-05 06:42 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-14 17:52 - 2017-09-05 06:42 - 00182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-14 17:52 - 2017-09-05 06:41 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-14 17:52 - 2017-09-05 06:41 - 06761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-14 17:52 - 2017-09-05 06:41 - 04671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-14 17:52 - 2017-09-05 06:37 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-14 17:52 - 2017-09-05 06:26 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-14 17:52 - 2017-09-05 06:26 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-14 17:52 - 2017-09-05 06:25 - 13844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-14 17:52 - 2017-09-05 06:25 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-14 17:52 - 2017-09-05 06:24 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-14 17:52 - 2017-09-05 06:23 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-14 17:52 - 2017-09-05 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-14 17:52 - 2017-09-05 06:21 - 06728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-14 17:52 - 2017-09-05 06:20 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-14 17:52 - 2017-09-05 06:19 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-14 17:52 - 2017-09-05 06:18 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-14 17:52 - 2017-09-05 06:16 - 05961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-14 17:52 - 2017-09-05 06:16 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 00657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-14 17:52 - 2017-09-05 06:15 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-14 17:52 - 2017-09-05 06:14 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-14 17:52 - 2017-09-05 06:14 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-14 17:52 - 2017-09-05 06:13 - 07598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-14 17:52 - 2017-09-05 06:13 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-14 17:52 - 2017-09-05 06:12 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-14 17:52 - 2017-09-05 06:12 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-14 17:52 - 2017-09-05 06:12 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-14 17:52 - 2017-09-05 06:11 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-14 17:52 - 2017-09-05 06:10 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-14 17:52 - 2017-09-05 06:10 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-14 17:52 - 2017-09-05 06:10 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-14 17:52 - 2017-09-05 06:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-14 17:52 - 2017-09-05 06:04 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-14 17:52 - 2017-09-05 06:04 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-14 17:51 - 2017-09-05 07:30 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-14 17:51 - 2017-09-05 07:27 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-14 17:51 - 2017-09-05 07:24 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-14 17:51 - 2017-09-05 07:23 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-14 17:51 - 2017-09-05 07:21 - 00189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-14 17:51 - 2017-09-05 07:18 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-14 17:51 - 2017-09-05 07:16 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-14 17:51 - 2017-09-05 07:14 - 04708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-14 17:51 - 2017-09-05 07:14 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-14 17:51 - 2017-09-05 07:12 - 01292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-14 17:51 - 2017-09-05 07:12 - 00081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-14 17:51 - 2017-09-05 07:11 - 02675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-14 17:51 - 2017-09-05 06:50 - 04330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-14 17:51 - 2017-09-05 06:45 - 23679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-14 17:51 - 2017-09-05 06:44 - 00569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-14 17:51 - 2017-09-05 06:43 - 00042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-14 17:51 - 2017-09-05 06:42 - 00703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-14 17:51 - 2017-09-05 06:42 - 00291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-14 17:51 - 2017-09-05 06:41 - 01106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-14 17:51 - 2017-09-05 06:41 - 01013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-14 17:51 - 2017-09-05 06:40 - 00052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-14 17:51 - 2017-09-05 06:28 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-14 17:51 - 2017-09-05 06:28 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-14 17:51 - 2017-09-05 06:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-14 17:51 - 2017-09-05 06:27 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-14 17:51 - 2017-09-05 06:26 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-14 17:51 - 2017-09-05 06:26 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-14 17:51 - 2017-09-05 06:25 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-14 17:51 - 2017-09-05 06:25 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-14 17:51 - 2017-09-05 06:24 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-14 17:51 - 2017-09-05 06:24 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-14 17:51 - 2017-09-05 06:24 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-14 17:51 - 2017-09-05 06:23 - 20509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-14 17:51 - 2017-09-05 06:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-14 17:51 - 2017-09-05 06:23 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 23684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-14 17:51 - 2017-09-05 06:22 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 01178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-14 17:51 - 2017-09-05 06:21 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-14 17:51 - 2017-09-05 06:20 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-14 17:51 - 2017-09-05 06:19 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-14 17:51 - 2017-09-05 06:19 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-14 17:51 - 2017-09-05 06:18 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 08213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 08207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-14 17:51 - 2017-09-05 06:17 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-14 17:51 - 2017-09-05 06:16 - 00844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-14 17:51 - 2017-09-05 06:16 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-14 17:51 - 2017-09-05 06:16 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-14 17:51 - 2017-09-05 06:15 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-14 17:51 - 2017-09-05 06:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-14 17:51 - 2017-09-05 06:15 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-14 17:51 - 2017-09-05 06:14 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-14 17:51 - 2017-09-05 06:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-14 17:51 - 2017-09-05 06:10 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-14 17:51 - 2017-09-05 06:06 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-14 17:51 - 2017-09-05 06:06 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-14 17:50 - 2017-09-05 07:31 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-14 17:50 - 2017-09-05 07:27 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-14 17:50 - 2017-09-05 07:26 - 08319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-14 17:50 - 2017-09-05 07:26 - 01930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-14 17:50 - 2017-09-05 07:25 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-14 17:50 - 2017-09-05 07:25 - 00159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-14 17:50 - 2017-09-05 07:24 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-14 17:50 - 2017-09-05 07:19 - 04848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-14 17:50 - 2017-09-05 07:18 - 07326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 02972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 02647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-14 17:50 - 2017-09-05 07:18 - 00212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-14 17:50 - 2017-09-05 07:17 - 00316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-14 17:50 - 2017-09-05 07:16 - 00724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-14 17:50 - 2017-09-05 07:16 - 00410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-14 17:50 - 2017-09-05 07:16 - 00182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-14 17:50 - 2017-09-05 07:15 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 07907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 01146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 00958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-14 17:50 - 2017-09-05 07:14 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-14 17:50 - 2017-09-05 07:11 - 00610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-14 17:50 - 2017-09-05 07:11 - 00387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-14 17:50 - 2017-09-05 06:53 - 01620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-14 17:50 - 2017-09-05 06:31 - 03668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-14 17:50 - 2017-09-05 06:30 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-14 17:50 - 2017-09-05 06:29 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-14 17:50 - 2017-09-05 06:28 - 17371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-14 17:50 - 2017-09-05 06:28 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-14 17:50 - 2017-09-05 06:27 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-14 17:50 - 2017-09-05 06:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-14 17:50 - 2017-09-05 06:26 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-14 17:50 - 2017-09-05 06:25 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-14 17:50 - 2017-09-05 06:24 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-14 17:50 - 2017-09-05 06:24 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-14 17:50 - 2017-09-05 06:23 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-14 17:50 - 2017-09-05 06:23 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-14 17:50 - 2017-09-05 06:22 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-14 17:50 - 2017-09-05 06:22 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-14 17:50 - 2017-09-05 06:22 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-14 17:50 - 2017-09-05 06:22 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-14 17:50 - 2017-09-05 06:21 - 01051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-14 17:50 - 2017-09-05 06:21 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-14 17:50 - 2017-09-05 06:21 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 07337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-14 17:50 - 2017-09-05 06:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-14 17:50 - 2017-09-05 06:19 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 12801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 02078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-14 17:50 - 2017-09-05 06:18 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-14 17:50 - 2017-09-05 06:18 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-14 17:50 - 2017-09-05 06:18 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-14 17:50 - 2017-09-05 06:17 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-14 17:50 - 2017-09-05 06:17 - 01397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-14 17:50 - 2017-09-05 06:17 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-14 17:50 - 2017-09-05 06:16 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 02503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 01077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-14 17:50 - 2017-09-05 06:15 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-14 17:50 - 2017-09-05 06:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 11887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-14 17:50 - 2017-09-05 06:14 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-14 17:50 - 2017-09-05 06:13 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-14 17:50 - 2017-09-05 06:12 - 06265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-14 17:50 - 2017-09-05 06:11 - 03654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-14 17:50 - 2017-09-05 06:07 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-14 17:50 - 2017-09-05 06:07 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-14 17:50 - 2017-09-01 07:55 - 00031932 _____ () C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-14 17:49 - 2017-09-05 07:31 - 01596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-14 17:49 - 2017-09-05 07:31 - 01346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-14 17:49 - 2017-09-05 07:31 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-14 17:49 - 2017-09-05 07:31 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-14 17:49 - 2017-09-05 07:31 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-14 17:49 - 2017-09-05 07:31 - 00115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-14 17:49 - 2017-09-05 07:23 - 04462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-14 17:49 - 2017-09-05 07:20 - 01057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-14 17:49 - 2017-09-05 07:19 - 02443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-14 17:49 - 2017-09-05 07:18 - 01668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-14 17:49 - 2017-09-05 07:18 - 00685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-14 17:49 - 2017-09-05 07:16 - 01320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-14 17:49 - 2017-09-05 07:16 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-14 17:49 - 2017-09-05 07:16 - 00715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-14 17:49 - 2017-09-05 07:16 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-14 17:49 - 2017-09-05 07:16 - 00049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 00871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 00381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-14 17:49 - 2017-09-05 07:15 - 00257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-14 17:49 - 2017-09-05 07:14 - 21352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-14 17:49 - 2017-09-05 07:13 - 01619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-14 17:49 - 2017-09-05 07:13 - 00064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 01639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-14 17:49 - 2017-09-05 06:30 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-14 17:49 - 2017-09-05 06:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-14 17:49 - 2017-09-05 06:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-14 17:49 - 2017-09-05 06:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-14 17:49 - 2017-09-05 06:27 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-14 17:49 - 2017-09-05 06:27 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-14 17:49 - 2017-09-05 06:26 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-14 17:49 - 2017-09-05 06:26 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-14 17:49 - 2017-09-05 06:25 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-14 17:49 - 2017-09-05 06:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-14 17:49 - 2017-09-05 06:23 - 00739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-14 17:49 - 2017-09-05 06:23 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-14 17:49 - 2017-09-05 06:23 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-14 17:49 - 2017-09-05 06:23 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-14 17:49 - 2017-09-05 06:22 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-14 17:49 - 2017-09-05 06:21 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-14 17:49 - 2017-09-05 06:21 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-14 17:49 - 2017-09-05 06:20 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-14 17:49 - 2017-09-05 06:20 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-14 17:49 - 2017-09-05 06:19 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-14 17:49 - 2017-09-05 06:19 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-14 17:49 - 2017-09-05 06:19 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-14 17:49 - 2017-09-05 06:18 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-14 17:49 - 2017-09-05 06:17 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 02805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-14 17:49 - 2017-09-05 06:16 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-14 17:49 - 2017-09-05 06:15 - 01736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 01460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-14 17:49 - 2017-09-05 06:15 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-14 17:49 - 2017-09-05 06:14 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-14 17:49 - 2017-09-05 06:14 - 00986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-14 17:49 - 2017-09-05 06:14 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-14 17:49 - 2017-09-05 06:13 - 01802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-14 17:49 - 2017-09-05 06:13 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-14 17:49 - 2017-09-05 06:12 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-14 17:49 - 2017-09-05 06:11 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-14 17:49 - 2017-09-05 06:09 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-14 17:21 - 2017-09-14 18:11 - 925633060 _____ () C:\Users\Jana\Downloads\Lidská-stonožka-1-CZ-tit.---by-Baggio88.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2017-10-08 08:16 - 2014-10-19 17:17 - 00037071 _____ () C:\Users\host\Desktop\FRST.txt
2017-10-08 08:11 - 2017-07-18 17:59 - 00004192 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8BA9F51F-28D5-46AF-97BD-F403D23B84AA}
2017-10-08 08:08 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\sru
2017-10-08 08:08 - 2016-05-16 13:40 - 00000380 _____ () C:\Users\Jana\AppData\Roaming\sp_data.sys
2017-10-08 01:51 - 2017-07-18 17:39 - 00000000 ____D () C:\Users\Jana
2017-10-07 22:11 - 2016-05-13 21:17 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\Kodi
2017-10-07 22:10 - 2017-07-18 17:32 - 00000000 ____D () C:\WINDOWS\system32\SleepStudy
2017-10-06 20:58 - 2017-02-01 19:21 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\.minecraft
2017-10-06 20:57 - 2017-02-01 19:35 - 00000000 ____D () C:\Users\Jana\GSplay
2017-10-06 14:22 - 2016-05-13 23:01 - 00000275 _____ () C:\WINDOWS\WindowsUpdate.log
2017-10-06 14:18 - 2017-07-18 17:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2017-10-06 14:08 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\AppReadiness
2017-10-05 18:06 - 2016-12-18 15:53 - 00001469 _____ () C:\Users\Jana\Desktop\Roblox Player.lnk
2017-10-05 18:06 - 2016-12-18 15:52 - 00001284 _____ () C:\Users\Jana\Desktop\Roblox Studio.lnk
2017-10-05 18:06 - 2016-12-18 15:52 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-10-04 17:55 - 2017-07-18 17:59 - 00004154 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1498841812
2017-10-01 23:26 - 2016-10-02 17:43 - 00000000 ____D () C:\Users\Jana\AppData\Roaming\vlc
2017-10-01 12:55 - 2017-07-18 17:39 - 00000000 ____D () C:\Users\DefaultAppPool
2017-09-30 19:05 - 2016-10-02 18:15 - 00022678 _____ () C:\WINDOWS\PFRO.log
2017-09-30 11:28 - 2017-07-18 17:59 - 00004006 _____ () C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1498842471
2017-09-30 11:28 - 2017-06-30 19:08 - 00001090 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-30 11:27 - 2017-08-04 20:52 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-09-30 11:27 - 2017-07-18 17:59 - 00003994 _____ () C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-09-30 11:27 - 2017-06-30 19:03 - 00361784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-09-28 11:00 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\NDF
2017-09-27 19:53 - 2012-02-24 13:40 - 00002274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-22 10:00 - 2017-08-04 16:02 - 00003358 _____ () C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2566585407-4284200854-934862898-1001
2017-09-22 10:00 - 2016-05-28 11:19 - 00002425 _____ () C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-22 10:00 - 2016-05-28 11:19 - 00000000 ___RD () C:\Users\Jana\OneDrive
2017-09-18 16:56 - 2017-06-30 19:03 - 00199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-09-16 19:00 - 2017-07-18 17:38 - 02229956 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-16 19:00 - 2017-03-20 06:43 - 00940656 _____ () C:\WINDOWS\system32\perfh005.dat
2017-09-16 19:00 - 2017-03-20 06:43 - 00221478 _____ () C:\WINDOWS\system32\perfc005.dat
2017-09-16 18:52 - 2017-03-18 13:40 - 01048576 _____ () C:\WINDOWS\system32\config\BBI
2017-09-16 18:47 - 2016-05-13 23:15 - 00000000 ____D () C:\AdwCleaner
2017-09-16 12:04 - 2016-06-02 17:56 - 00544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-09-16 10:34 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\rescache
2017-09-14 22:53 - 2017-07-15 17:10 - 00000000 ____D () C:\ProgramData\updater2
2017-09-14 22:32 - 2017-07-18 17:32 - 00217328 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-14 19:09 - 2017-03-20 06:43 - 00000000 ____D () C:\WINDOWS\system32\cs
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ___SD () C:\WINDOWS\SysWOW64\F12
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ___SD () C:\WINDOWS\system32\F12
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\setup
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\ShellExperiences
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2017-09-14 19:09 - 2017-03-18 23:03 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2017-09-14 18:04 - 2016-06-02 20:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2017-09-14 18:01 - 2017-03-18 22:51 - 00000000 ____D () C:\WINDOWS\CbsTemp
2017-09-14 18:01 - 2016-06-02 20:05 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-12 14:55 - 2017-07-18 17:59 - 00004648 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-12 14:54 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed
2017-09-12 14:54 - 2017-03-18 23:03 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2017-09-10 09:45 - 2015-08-14 06:39 - 00001582 _____ () C:\WINDOWS\system32\ServiceFilter.ini

Some content of TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-10-05 19:03

==================== End Of Log ============================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 08 říj 2017 11:47 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 100938
Bydliště: Plzeň
Máte starý FRST. Stáhněte aktuální a znovu spusťte. Dejte nový log.

Citace:
ATTENTION: ====> FRST version is 1085 days old and could be outdated

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 25 říj 2017 17:45 
Offline
Vzorný návštěvník
Vzorný návštěvník

Registrován: 21 kvě 2008 10:42
Příspěvky: 121
Bydliště: Ostrava
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-10-2017
Ran by Jana (administrator) on JANA-PC (25-10-2017 18:34:11)
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana & DefaultAppPool (Available Profiles: Jana & DefaultAppPool)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Spotify Ltd) C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.MSPaint_3.1710.4027.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2015-08-13] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-17] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-25] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\Run: [GSplay.exe] => C:\Users\Jana\Desktop\GSplay.exe [4772747 2017-02-01] ()
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\Run: [Spotify] => C:\Users\Jana\AppData\Roaming\Spotify\Spotify.exe [21093488 2017-10-24] (Spotify Ltd)
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\Run: [Spotify Web Helper] => C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-24] (Spotify Ltd)
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781731-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781768-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e78178e-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781795-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e7817ac-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b457cd3f-0711-457d-a130-d7fa1196ed51}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cee2ea69-91fd-459c-a363-76587be644fd}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com/
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-15] (Oracle Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-15] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-15] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2017-09-16]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-13]
CHR Extension: (Zhasnout světla) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-05-13]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-13]
CHR Extension: (Tabulky Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-13]
CHR Extension: (AdBlock) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-14]
CHR Extension: (Reklamní-Kupony.cz - slevové kupony) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkkmaoibnpgeoicicbjpcklbkdickdcj [2016-05-13]
CHR Extension: (Instantní zrcátko) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfojfpgdlapjkpehegmfpcpbfnddpbab [2016-05-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-13]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-10-25]
CHR Extension: (Dokumenty) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Avast SafePrice) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-17]
CHR Extension: (Tabulky) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-14]
CHR Extension: (Avast Online Security) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-30]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-17] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-17] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-17] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-17] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-17] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-17] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-17] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-17] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-17] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-17] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-17] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-17] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-30] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-01-30] (Disc Soft Ltd)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-25 18:34 - 2017-10-25 18:35 - 000019355 _____ C:\Users\Jana\Desktop\FRST.txt
2017-10-25 18:17 - 2017-10-25 18:17 - 002403328 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2017-10-24 18:59 - 2017-10-24 18:59 - 000000000 ___RD C:\Users\Jana\3D Objects
2017-10-22 17:44 - 2017-09-30 07:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-22 17:44 - 2017-09-30 07:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-22 17:44 - 2017-09-30 04:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-22 17:44 - 2017-09-30 04:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-22 17:44 - 2017-09-30 04:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-22 17:44 - 2017-09-30 04:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-22 17:44 - 2017-09-30 04:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-22 17:44 - 2017-09-30 04:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-22 17:44 - 2017-09-30 04:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-22 17:44 - 2017-09-30 04:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-22 17:44 - 2017-09-30 04:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-22 17:44 - 2017-09-30 04:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-22 17:44 - 2017-09-30 04:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-22 17:44 - 2017-09-30 04:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-22 17:44 - 2017-09-30 04:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-22 17:44 - 2017-09-30 04:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-22 17:44 - 2017-09-30 04:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-22 17:44 - 2017-09-30 04:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-22 17:44 - 2017-09-30 04:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-22 17:44 - 2017-09-30 04:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-22 17:44 - 2017-09-30 04:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-22 17:44 - 2017-09-30 04:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-22 17:44 - 2017-09-30 04:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-22 17:44 - 2017-09-30 04:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-22 17:44 - 2017-09-30 04:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-22 17:44 - 2017-09-30 04:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-22 17:44 - 2017-09-30 04:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-22 17:44 - 2017-09-29 09:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-22 17:44 - 2017-09-29 09:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-22 17:44 - 2017-09-29 09:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-22 17:44 - 2017-09-29 09:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-22 17:44 - 2017-09-29 09:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-22 17:44 - 2017-09-29 09:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-22 17:44 - 2017-09-29 09:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-22 17:44 - 2017-09-29 09:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-22 17:44 - 2017-09-29 09:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-22 17:44 - 2017-09-29 09:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-22 17:44 - 2017-09-29 09:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-22 17:44 - 2017-09-29 09:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-22 17:44 - 2017-09-29 09:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-22 17:44 - 2017-09-29 09:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-22 17:44 - 2017-09-29 09:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-22 17:44 - 2017-09-29 09:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-22 17:44 - 2017-09-29 09:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-22 17:44 - 2017-09-29 09:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-22 17:44 - 2017-09-29 09:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-22 17:44 - 2017-09-29 09:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-22 17:44 - 2017-09-29 09:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-22 17:44 - 2017-09-29 09:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-22 17:44 - 2017-09-29 09:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-22 17:44 - 2017-09-29 09:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-22 17:44 - 2017-09-29 09:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-22 17:44 - 2017-09-29 09:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-22 17:44 - 2017-09-29 09:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-22 17:44 - 2017-09-29 09:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-22 17:44 - 2017-09-29 09:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-22 17:44 - 2017-09-20 17:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-22 17:44 - 2017-09-20 17:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-22 17:44 - 2017-09-20 17:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-22 17:44 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-22 17:43 - 2017-09-30 07:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-22 17:43 - 2017-09-30 07:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-22 17:43 - 2017-09-30 07:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-22 17:43 - 2017-09-30 07:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-22 17:43 - 2017-09-30 07:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-22 17:43 - 2017-09-30 04:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-22 17:43 - 2017-09-30 04:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-22 17:43 - 2017-09-29 09:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-22 17:43 - 2017-09-29 09:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-22 17:43 - 2017-09-29 09:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-22 17:43 - 2017-09-29 09:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-22 17:43 - 2017-09-29 09:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-22 17:43 - 2017-09-29 09:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-22 17:43 - 2017-09-29 09:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-22 17:43 - 2017-09-29 09:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-22 17:43 - 2017-09-29 09:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-22 17:43 - 2017-09-29 09:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-22 17:43 - 2017-09-29 09:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-22 17:43 - 2017-09-29 09:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-22 17:43 - 2017-09-29 09:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-22 17:43 - 2017-09-29 09:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-22 17:43 - 2017-09-29 09:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-22 17:43 - 2017-09-29 09:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-22 17:43 - 2017-09-29 09:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-22 17:43 - 2017-09-29 09:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-22 17:43 - 2017-09-29 09:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-22 17:43 - 2017-09-29 09:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-22 17:43 - 2017-09-29 09:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-22 17:43 - 2017-09-29 09:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-22 17:43 - 2017-09-29 09:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-22 17:43 - 2017-09-29 09:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-22 17:43 - 2017-09-29 09:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-22 17:43 - 2017-09-29 09:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-22 17:43 - 2017-09-29 09:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-22 17:43 - 2017-09-29 09:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-22 17:43 - 2017-09-29 09:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-22 17:43 - 2017-09-29 09:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-22 17:43 - 2017-09-29 09:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-22 17:43 - 2017-09-29 09:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-22 17:43 - 2017-09-29 09:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-22 17:43 - 2017-09-29 09:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-22 17:43 - 2017-09-29 09:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-22 17:43 - 2017-09-29 09:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-22 17:43 - 2017-09-29 09:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-22 17:43 - 2017-09-29 09:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-22 17:43 - 2017-09-29 09:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-22 17:43 - 2017-09-29 09:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-22 17:43 - 2017-09-29 09:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-22 17:43 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-22 17:43 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-22 17:43 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-22 17:43 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-22 17:42 - 2017-09-30 07:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-22 17:42 - 2017-09-30 07:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-22 17:42 - 2017-09-30 07:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-22 17:42 - 2017-09-30 07:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-22 17:42 - 2017-09-30 07:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-22 17:42 - 2017-09-30 07:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-22 17:42 - 2017-09-30 07:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-22 17:42 - 2017-09-30 07:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-22 17:42 - 2017-09-30 07:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-22 17:42 - 2017-09-30 07:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-22 17:42 - 2017-09-30 07:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-22 17:42 - 2017-09-30 07:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-22 17:42 - 2017-09-30 07:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-22 17:42 - 2017-09-30 07:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-22 17:42 - 2017-09-30 07:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-22 17:42 - 2017-09-30 07:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-22 17:42 - 2017-09-30 04:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-22 17:42 - 2017-09-29 09:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-22 17:42 - 2017-09-29 09:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-22 17:42 - 2017-09-29 09:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-22 17:42 - 2017-09-29 09:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-22 17:42 - 2017-09-29 09:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-22 17:42 - 2017-09-29 09:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-22 17:42 - 2017-09-29 09:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-22 17:42 - 2017-09-29 09:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-22 17:42 - 2017-09-29 09:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-22 17:42 - 2017-09-29 09:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-22 17:42 - 2017-09-29 09:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-22 17:42 - 2017-09-29 09:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-22 17:42 - 2017-09-29 09:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-22 17:42 - 2017-09-29 09:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-22 17:42 - 2017-09-29 09:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-22 17:42 - 2017-09-29 09:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-22 17:42 - 2017-09-29 09:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-22 17:42 - 2017-09-29 09:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-22 17:42 - 2017-09-29 09:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-22 17:42 - 2017-09-29 09:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-22 17:42 - 2017-09-29 09:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-22 17:42 - 2017-09-29 09:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-22 17:42 - 2017-09-29 09:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-22 17:42 - 2017-09-29 09:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-22 17:42 - 2017-09-29 09:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-22 17:42 - 2017-09-29 09:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-22 17:42 - 2017-09-29 09:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-22 17:42 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-22 17:42 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-22 17:42 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-22 17:42 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-22 17:42 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-22 17:42 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-22 17:41 - 2017-09-30 07:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-22 17:41 - 2017-09-30 07:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-22 17:41 - 2017-09-30 07:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-22 17:41 - 2017-09-30 07:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-22 17:41 - 2017-09-30 07:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-22 17:41 - 2017-09-30 07:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-22 17:41 - 2017-09-30 07:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-22 17:41 - 2017-09-30 07:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-22 17:41 - 2017-09-30 07:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-22 17:41 - 2017-09-30 07:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-22 17:41 - 2017-09-30 07:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-22 17:41 - 2017-09-30 07:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-22 17:41 - 2017-09-30 07:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-22 17:41 - 2017-09-30 07:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-22 17:41 - 2017-09-30 07:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-22 17:41 - 2017-09-30 07:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-22 17:41 - 2017-09-30 07:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-22 17:41 - 2017-09-30 07:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-22 17:41 - 2017-09-30 07:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-22 17:41 - 2017-09-30 07:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-22 17:41 - 2017-09-30 07:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-22 17:41 - 2017-09-30 07:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-22 17:41 - 2017-09-29 09:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-22 17:41 - 2017-09-29 09:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-22 17:41 - 2017-09-29 09:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-22 17:41 - 2017-09-29 09:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-22 17:41 - 2017-09-29 09:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-22 17:41 - 2017-09-29 09:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-22 17:41 - 2017-09-29 09:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-22 17:41 - 2017-09-29 09:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-22 17:41 - 2017-09-29 09:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-22 17:41 - 2017-09-29 09:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-22 17:41 - 2017-09-29 09:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-22 17:41 - 2017-09-29 09:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-22 17:41 - 2017-09-29 09:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-22 17:41 - 2017-09-29 09:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-22 17:41 - 2017-09-29 09:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-22 17:41 - 2017-09-29 09:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-22 17:41 - 2017-09-29 09:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-22 17:41 - 2017-09-29 09:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-22 17:41 - 2017-09-29 09:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-22 17:41 - 2017-09-29 09:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-22 17:41 - 2017-09-29 09:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-22 17:41 - 2017-09-29 09:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-22 17:41 - 2017-09-29 09:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-22 17:41 - 2017-09-29 09:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-22 17:41 - 2017-09-29 09:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-22 17:41 - 2017-09-29 09:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-22 17:41 - 2017-09-29 09:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-22 17:41 - 2017-09-29 09:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-22 17:41 - 2017-09-29 09:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-22 17:41 - 2017-09-29 09:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-22 17:41 - 2017-09-29 09:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-22 17:41 - 2017-09-29 09:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-22 17:41 - 2017-09-29 09:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-22 17:41 - 2017-09-29 09:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-22 17:41 - 2017-09-29 09:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-22 17:41 - 2017-09-29 09:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-22 17:41 - 2017-09-29 09:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-22 17:41 - 2017-09-29 09:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-22 17:41 - 2017-09-29 09:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-22 17:41 - 2017-09-29 09:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-22 17:41 - 2017-09-29 09:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-22 17:41 - 2017-09-29 09:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-22 17:41 - 2017-09-29 09:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-22 17:41 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-22 17:41 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-22 17:41 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-22 17:40 - 2017-09-30 07:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-22 17:40 - 2017-09-30 07:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-22 17:40 - 2017-09-29 09:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-22 17:40 - 2017-09-29 09:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-22 17:40 - 2017-09-29 09:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-22 17:40 - 2017-09-29 09:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-22 17:40 - 2017-09-29 09:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-22 17:40 - 2017-09-29 09:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-22 17:40 - 2017-09-29 09:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-22 17:40 - 2017-09-29 09:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-22 17:40 - 2017-09-29 09:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-22 17:40 - 2017-09-29 09:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-22 17:40 - 2017-09-29 09:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-22 17:40 - 2017-09-29 09:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-22 17:40 - 2017-09-29 09:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-22 17:40 - 2017-09-29 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-22 17:40 - 2017-09-29 09:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-22 17:40 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-22 17:40 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-17 14:31 - 2017-10-17 14:31 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-13 15:35 - 2017-10-13 15:35 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-08 10:04 - 2017-10-08 10:04 - 000153956 _____ C:\Users\Jana\Desktop\Backup jana 2017-10-08.mpb
2017-10-08 10:02 - 2017-10-08 10:04 - 000000000 ____D C:\Users\Jana\Desktop\Aplikace zaloha mobil
2017-10-08 09:37 - 2017-10-08 09:37 - 000000000 ____D C:\Users\Jana\.android
2017-10-08 09:36 - 2017-10-08 11:20 - 000000000 ____D C:\Users\Jana\AppData\Roaming\MyPhoneExplorer
2017-10-08 09:36 - 2017-10-08 09:36 - 000002128 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2017-10-08 09:36 - 2017-10-08 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2017-10-08 09:36 - 2017-10-08 09:36 - 000000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2017-10-08 09:34 - 2017-10-08 09:35 - 008477880 _____ C:\Users\Jana\Downloads\MyPhoneExplorer_Setup_v1.8.8.exe
2017-10-08 08:22 - 2017-10-25 18:17 - 000000000 ____D C:\Users\Jana\AppData\Local\Spotify
2017-10-08 08:22 - 2017-10-08 08:22 - 000001886 _____ C:\Users\Jana\Desktop\Spotify.lnk
2017-10-08 08:22 - 2017-10-08 08:22 - 000001872 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-10-08 08:20 - 2017-10-25 18:16 - 000000000 ____D C:\Users\Jana\AppData\Roaming\Spotify
2017-10-08 08:20 - 2017-10-08 08:20 - 000723152 _____ (Spotify Ltd) C:\Users\Jana\Downloads\SpotifySetup.exe
2017-10-08 08:15 - 2017-10-25 18:34 - 000000000 ____D C:\FRST
2017-09-30 11:28 - 2017-09-30 11:28 - 000001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-09-30 11:28 - 2017-09-30 11:28 - 000001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-25 18:24 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-25 18:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-25 18:18 - 2017-07-18 17:59 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8BA9F51F-28D5-46AF-97BD-F403D23B84AA}
2017-10-25 18:17 - 2017-07-18 17:59 - 000004648 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-25 18:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-25 18:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-25 18:13 - 2017-07-18 17:39 - 000000000 ____D C:\Users\Jana
2017-10-25 18:13 - 2016-05-16 13:40 - 000000380 _____ C:\Users\Jana\AppData\Roaming\sp_data.sys
2017-10-24 18:53 - 2017-07-18 17:38 - 002258606 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-24 18:53 - 2017-03-20 06:43 - 000955454 _____ C:\WINDOWS\system32\perfh005.dat
2017-10-24 18:53 - 2017-03-20 06:43 - 000225878 _____ C:\WINDOWS\system32\perfc005.dat
2017-10-24 18:52 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-24 18:48 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-24 18:47 - 2017-07-18 17:32 - 000217328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-24 18:46 - 2017-07-18 17:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-24 18:07 - 2017-07-18 17:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-24 18:07 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-10-24 18:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-24 18:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-24 18:05 - 2017-03-18 23:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-24 18:05 - 2017-03-18 23:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-24 16:12 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-24 15:50 - 2017-07-18 17:59 - 000004154 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1498841812
2017-10-22 10:18 - 2017-02-01 19:21 - 000000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft
2017-10-22 10:17 - 2017-02-01 19:35 - 000000000 ____D C:\Users\Jana\GSplay
2017-10-22 09:52 - 2016-12-18 15:53 - 000001469 _____ C:\Users\Jana\Desktop\Roblox Player.lnk
2017-10-22 09:52 - 2016-12-18 15:52 - 000001284 _____ C:\Users\Jana\Desktop\Roblox Studio.lnk
2017-10-22 09:52 - 2016-12-18 15:52 - 000000000 ____D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-10-17 14:32 - 2017-08-04 20:52 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-10-17 14:31 - 2017-07-18 17:59 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-17 14:31 - 2017-06-30 19:03 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-17 14:31 - 2017-06-30 19:03 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-17 14:31 - 2017-06-30 19:03 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-17 14:31 - 2017-06-30 19:03 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-17 14:31 - 2017-06-30 19:03 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-17 14:31 - 2017-06-30 19:03 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-17 14:31 - 2017-06-30 19:03 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-17 14:31 - 2017-06-30 18:55 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-17 14:29 - 2017-06-30 19:03 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-10-17 14:29 - 2017-06-30 19:03 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-17 14:29 - 2017-06-30 19:03 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-17 14:29 - 2017-06-30 19:03 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-17 14:29 - 2017-06-30 19:03 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-13 15:41 - 2016-06-02 20:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-13 15:35 - 2016-06-02 20:05 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-13 02:21 - 2017-08-11 18:36 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 02:21 - 2017-08-11 18:36 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 19:02 - 2017-07-18 17:39 - 000000000 ____D C:\Users\DefaultAppPool
2017-10-08 22:32 - 2016-10-02 17:43 - 000000000 ____D C:\Users\Jana\AppData\Roaming\vlc
2017-10-08 11:39 - 2015-08-14 06:39 - 000002027 _____ C:\WINDOWS\system32\AutoRunFilter.ini
2017-10-08 10:41 - 2015-08-13 21:25 - 000001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-10-08 08:17 - 2014-10-19 17:17 - 000080197 _____ C:\Users\host\Desktop\FRST.txt
2017-10-07 22:11 - 2016-05-13 21:17 - 000000000 ____D C:\Users\Jana\AppData\Roaming\Kodi
2017-09-30 11:28 - 2017-07-18 17:59 - 000004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1498842471
2017-09-30 11:28 - 2017-06-30 19:08 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-30 04:10 - 2009-07-29 08:03 - 000395312 __RSH C:\bootmgr
2017-09-28 11:00 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-27 19:53 - 2012-02-24 13:40 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2016-05-16 13:40 - 2017-10-25 18:13 - 000000380 _____ () C:\Users\Jana\AppData\Roaming\sp_data.sys
2012-02-24 13:55 - 2010-10-06 19:45 - 000131984 _____ () C:\ProgramData\FullRemove.exe
2016-05-13 21:13 - 2016-05-13 21:13 - 000000016 _____ () C:\ProgramData\mntemp

Some files in TEMP:
====================
2017-10-12 17:59 - 2017-10-12 17:59 - 001671168 _____ (Opera Software) C:\Users\Jana\AppData\Local\Temp\Opera_installer_201710125942722.dll
2017-09-04 20:54 - 2017-09-04 20:54 - 000685568 _____ () C:\Users\Jana\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll
2017-10-08 10:36 - 2017-10-08 10:36 - 030950664 _____ () C:\Users\Jana\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-25 18:25

==================== End of FRST.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 25 říj 2017 18:12 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 100938
Bydliště: Plzeň
Teď je to OK. Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781731-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781768-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e78178e-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781795-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e7817ac-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
URLSearchHook: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
U3 idsvc; no ImagePath
C:\Users\Jana\AppData\Local\Temp

EmptyTemp:
End


Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 25 říj 2017 18:26 
Offline
Vzorný návštěvník
Vzorný návštěvník

Registrován: 21 kvě 2008 10:42
Příspěvky: 121
Bydliště: Ostrava
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-10-2017
Ran by Jana (25-10-2017 19:15:44) Run:1
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781731-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781768-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e78178e-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e781795-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\...\MountPoints2: {1e7817ac-79bf-11e7-a5a0-3085a9014682} - "F:\Lenovo_Suite.exe"
URLSearchHook: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2566585407-4284200854-934862898-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
U3 idsvc; no ImagePath
C:\Users\Jana\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e781731-79bf-11e7-a5a0-3085a9014682} => key removed successfully
HKLM\Software\Classes\CLSID\{1e781731-79bf-11e7-a5a0-3085a9014682} => key not found.
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e781768-79bf-11e7-a5a0-3085a9014682} => key removed successfully
HKLM\Software\Classes\CLSID\{1e781768-79bf-11e7-a5a0-3085a9014682} => key not found.
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e78178e-79bf-11e7-a5a0-3085a9014682} => key removed successfully
HKLM\Software\Classes\CLSID\{1e78178e-79bf-11e7-a5a0-3085a9014682} => key not found.
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e781795-79bf-11e7-a5a0-3085a9014682} => key removed successfully
HKLM\Software\Classes\CLSID\{1e781795-79bf-11e7-a5a0-3085a9014682} => key not found.
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e7817ac-79bf-11e7-a5a0-3085a9014682} => key removed successfully
HKLM\Software\Classes\CLSID\{1e7817ac-79bf-11e7-a5a0-3085a9014682} => key not found.
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2566585407-4284200854-934862898-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key removed successfully
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => key removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => key removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} => value removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin => key removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\Users\Jana\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 129695051 B
Java, Flash, Steam htmlcache => 937 B
Windows/system/drivers => 2289132 B
Edge => 1156952 B
Chrome => 803121033 B
Firefox => 0 B
Opera => 62995410 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 28986 B
NetworkService => 455854 B
Jana => 66833985 B
DefaultAppPool => 0 B

RecycleBin => 281595460 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:17:09 ====


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Zpomaleny notebook
PříspěvekNapsal: 25 říj 2017 19:08 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 100938
Bydliště: Plzeň
Smazáno. Nastala nějaká změna?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Odpovědět na téma  [ Příspěvků: 11 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?
>