Pomalý počítač. Prosím o pomc

[kuba7710]

Prosím o Vaši pomoc. Mám podezření na nějaký malware a nedokáži si s tím poradit.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
Ran by aneta (administrator) on ANETA (20-08-2018 18:08:24)
Running from C:\Users\aneta\Desktop
Loaded Profiles: aneta (Available Profiles: aneta)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\WebcamMax\wcmmon.exe
(Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Users\aneta\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileCoAuth.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(forum.viry.cz) C:\Users\aneta\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-07] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [WebcamMaxAutoRun] => C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [EPSON Stylus SX400 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: F - "F:\SETUP.EXE"
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: {a021c577-526f-11e5-8262-acb57dd8a8be} - "F:\SETUP.EXE"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-10-31]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4d75ab95-09f5-4dca-92e6-e74db3a4d1df}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9569b113-e9ba-41e1-a76e-1645270a1867}: [DhcpNameServer] 195.113.44.11 195.113.0.2

Internet Explorer:
==================
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\mcafee\msc\mcsniepl.dll No File

FireFox:
========
FF DefaultProfile: p6w2461c.default
FF ProfilePath: C:\Users\aneta\AppData\Roaming\Mozilla\Firefox\Profiles\p6w2461c.default [2018-04-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default [2018-08-19]
CHR Extension: (Prezentace) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Vyhledávání Google) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-08-19]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-03-11]
CHR Extension: (Tabulky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-05]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\aneta\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-08-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-07] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-07] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-09] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-10] (EasyAntiCheat Ltd)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-15] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-07] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-07] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-07] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-07] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-07] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467064 2018-08-07] (AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-07] (AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-09-08] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-08] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R2 WCMVCAM; C:\WINDOWS\system32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-20 18:08 - 2018-08-20 18:09 - 000025117 _____ C:\Users\aneta\Desktop\FRST.txt
2018-08-20 18:02 - 2018-08-20 18:08 - 000000000 ____D C:\FRST
2018-08-20 18:00 - 2018-08-20 18:00 - 000112640 _____ (forum.viry.cz) C:\Users\aneta\Desktop\FRSTLauncher (1).exe
2018-08-20 17:58 - 2018-08-20 17:58 - 000112640 _____ (forum.viry.cz) C:\Users\aneta\Desktop\FRSTLauncher.exe
2018-08-20 17:57 - 2018-08-20 17:57 - 000112640 _____ (forum.viry.cz) C:\Users\aneta\Downloads\FRSTLauncher.exe
2018-08-20 17:50 - 2018-08-20 17:50 - 002413056 _____ (Farbar) C:\Users\aneta\Desktop\FRST64.exe
2018-08-19 14:11 - 2018-08-19 14:11 - 000000000 ___HD C:\OneDriveTemp
2018-08-16 22:29 - 2018-08-16 22:29 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-08-14 21:16 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-14 21:16 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-14 21:16 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-14 21:16 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-14 21:16 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-14 21:16 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-14 21:16 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-14 21:16 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-14 21:16 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-14 21:16 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-14 21:16 - 2018-07-14 08:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-14 21:16 - 2018-07-14 08:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-14 21:15 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-14 21:15 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-14 21:15 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-14 21:15 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-14 21:15 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-14 21:15 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-14 21:15 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-14 21:15 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-14 21:15 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-14 21:15 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-14 21:15 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-14 21:15 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-14 21:15 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-14 21:15 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-14 21:15 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-14 21:15 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-14 21:15 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-14 21:15 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-14 21:15 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-14 21:15 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-14 21:15 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-14 21:15 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-14 21:15 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-14 21:15 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-14 21:15 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-14 21:15 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-14 21:15 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-14 21:15 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-14 21:15 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-14 21:15 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-14 21:15 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-14 21:15 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-14 21:15 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-14 21:15 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-14 21:15 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-14 21:15 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-14 21:15 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-14 21:15 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-14 21:15 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-14 21:15 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-14 21:15 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-14 21:15 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-14 21:15 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-14 21:15 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-14 21:15 - 2018-07-15 02:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-14 21:15 - 2018-07-15 02:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-14 21:15 - 2018-07-15 02:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-14 21:15 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-14 21:15 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-14 21:15 - 2018-07-15 02:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-14 21:15 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-14 21:15 - 2018-07-15 02:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-14 21:15 - 2018-07-15 02:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-14 21:15 - 2018-07-15 02:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-14 21:15 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-14 21:15 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-14 21:15 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-14 21:15 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-14 21:15 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-14 21:15 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-14 21:15 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-14 21:15 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-14 21:15 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-14 21:15 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-14 21:15 - 2018-07-14 06:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-14 21:15 - 2018-07-14 06:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-14 21:15 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-14 21:15 - 2018-07-14 06:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-14 21:15 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-14 21:15 - 2018-07-14 06:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-14 21:15 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-14 21:15 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-14 21:15 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-14 21:15 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-14 21:15 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-14 21:15 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-14 21:15 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-14 21:15 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-14 21:15 - 2018-07-14 05:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-14 21:15 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-14 21:15 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-14 21:15 - 2018-07-14 05:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-14 21:15 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-14 21:15 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-14 21:15 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-14 21:15 - 2018-07-14 05:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-14 21:15 - 2018-07-14 05:49 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-08-14 21:15 - 2018-07-14 05:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-14 21:14 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-14 21:14 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-14 21:14 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-14 21:14 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-14 21:14 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-14 21:14 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-14 21:14 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-14 21:14 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-14 21:14 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-14 21:14 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-14 21:14 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-14 21:14 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-14 21:14 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-14 21:14 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-14 21:14 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-14 21:14 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-14 21:14 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-14 21:14 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-14 21:14 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-14 21:14 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-14 21:14 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-14 21:14 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-14 21:14 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-14 21:14 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-14 21:14 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-14 21:14 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-14 21:14 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-14 21:14 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-14 21:14 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-14 21:14 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-14 21:14 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-14 21:14 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-14 21:14 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-14 21:14 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-14 21:14 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-14 21:14 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-14 21:14 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-14 21:14 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-14 21:14 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-14 21:14 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-14 21:14 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-14 21:14 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-14 21:14 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-14 21:14 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-14 21:14 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-14 21:14 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-14 21:14 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-14 21:14 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-14 21:14 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-14 21:14 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-14 21:14 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-14 21:14 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-14 21:14 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-14 21:14 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-14 21:14 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-14 21:14 - 2018-07-15 02:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-14 21:14 - 2018-07-15 02:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-14 21:14 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-14 21:14 - 2018-07-15 02:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-14 21:14 - 2018-07-15 02:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-14 21:14 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-14 21:14 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-14 21:14 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-14 21:14 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-14 21:14 - 2018-07-14 06:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-14 21:14 - 2018-07-14 06:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-14 21:14 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-14 21:14 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-14 21:14 - 2018-07-14 06:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-14 21:14 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-14 21:14 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-14 21:14 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-14 21:14 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-14 21:14 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-14 21:14 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-14 21:14 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-14 21:14 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-14 21:14 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-14 21:14 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-14 21:14 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-14 21:14 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-14 21:14 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-14 21:14 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-14 21:14 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-14 21:14 - 2018-07-14 05:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-14 21:14 - 2018-07-14 05:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-14 21:14 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-14 21:14 - 2018-07-14 05:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-14 21:14 - 2018-07-13 06:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-08 20:15 - 2018-08-19 14:12 - 000000000 ____D C:\Users\aneta\AppData\Local\CrashDumps
2018-08-08 18:41 - 2018-08-19 14:11 - 000000000 ___RD C:\Users\aneta\iCloudDrive
2018-08-08 18:41 - 2018-08-08 18:41 - 000000000 ____D C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2018-08-08 18:41 - 2018-08-08 18:41 - 000000000 ____D C:\Users\aneta\AppData\Local\Apple Inc
2018-08-08 18:31 - 2018-08-08 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-08-08 18:28 - 2018-08-08 20:42 - 000000000 ____D C:\Users\aneta\Desktop\fotky - tisk
2018-08-08 18:28 - 2018-08-08 18:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-08-08 18:28 - 2018-08-08 18:28 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-08-08 18:17 - 2018-08-08 18:23 - 160398136 _____ (Apple Inc.) C:\Users\aneta\Downloads\iCloudSetup.exe
2018-08-07 11:24 - 2018-08-07 11:21 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-07 11:22 - 2018-08-07 11:21 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-07-30 21:07 - 2018-07-30 21:08 - 020013056 _____ C:\Users\aneta\Downloads\Mikroskopická anatomie 10 - Žlázy s vnitřní sekrecí.ppt
2018-07-30 21:01 - 2018-07-30 21:01 - 001520649 _____ C:\Users\aneta\Downloads\Samoléčba gynekologických zánětů.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-20 18:05 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-20 17:55 - 2018-04-05 17:16 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-20 17:55 - 2018-04-05 17:16 - 000002465 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-08-20 17:52 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-20 17:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-20 17:42 - 2018-06-23 16:12 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-20 17:40 - 2018-06-23 15:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-19 14:13 - 2018-06-23 15:54 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-19 14:13 - 2018-04-12 17:50 - 000717712 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-19 14:13 - 2018-04-12 17:50 - 000144954 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-19 14:13 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-19 14:11 - 2015-09-02 21:21 - 000000000 ___RD C:\Users\aneta\OneDrive
2018-08-19 14:06 - 2018-06-23 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-19 14:06 - 2017-10-18 17:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-19 14:06 - 2015-09-02 21:16 - 000000000 __SHD C:\Users\aneta\IntelGraphicsProfiles
2018-08-19 14:05 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-19 00:28 - 2017-11-06 21:36 - 000000000 ____D C:\Users\aneta\AppData\Roaming\TS3Client
2018-08-19 00:27 - 2018-06-23 16:12 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-19 00:27 - 2018-06-23 16:12 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-19 00:27 - 2018-06-23 16:12 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4254045699-3438346022-453864041-1001
2018-08-19 00:27 - 2018-06-23 16:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-08-18 20:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-15 18:45 - 2017-12-31 01:37 - 000000000 ___RD C:\Users\aneta\3D Objects
2018-08-15 18:45 - 2015-02-14 11:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-15 18:43 - 2018-06-23 15:37 - 000332144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-14 21:32 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-14 21:13 - 2015-09-13 01:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-14 21:01 - 2015-09-13 01:22 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-13 18:54 - 2018-04-05 17:14 - 000000000 ____D C:\Users\aneta\AppData\Local\AVAST Software
2018-08-12 20:08 - 2018-06-04 21:20 - 000000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForaneta.job
2018-08-11 19:02 - 2015-09-03 21:06 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-11 19:02 - 2015-09-03 21:06 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-11 18:26 - 2018-06-23 15:44 - 000002426 _____ C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-08 18:53 - 2016-06-15 11:14 - 000000000 ____D C:\Users\aneta\AppData\Roaming\Apple Computer
2018-08-08 18:41 - 2018-06-23 15:44 - 000000000 ____D C:\Users\aneta
2018-08-08 18:38 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-08-08 18:31 - 2016-06-15 11:14 - 000000000 ____D C:\Users\aneta\AppData\Local\Apple Computer
2018-08-08 18:30 - 2016-06-15 11:10 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-08-08 18:28 - 2016-06-15 11:12 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-08-07 12:44 - 2015-09-03 20:35 - 000467064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-07 11:22 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-07 11:21 - 2017-12-05 15:40 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-07 11:16 - 2015-09-03 20:35 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-07 11:15 - 2018-01-06 15:38 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-06 17:19 - 2018-07-11 21:36 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-06 17:19 - 2018-07-11 21:36 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-02 20:49 - 2018-06-23 16:45 - 000000000 ____D C:\ProgramData\Packages
2018-07-30 20:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2015-09-02 21:19 - 2018-02-23 21:50 - 000000165 _____ () C:\Users\aneta\AppData\Roaming\sp_data.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForaneta.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\aneta\Desktop" je 76 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[kuba7710]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-08-20.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-20-2018
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\wcmvcam64.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1290 octets] - [20/08/2018 19:18:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Dejte nový log FRST.

[kuba7710]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
Ran by aneta (21-08-2018 05:22:01)
Running from C:\Users\aneta\Desktop
Windows 10 Home Version 1803 17134.228 (X64) (2018-06-23 14:14:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4254045699-3438346022-453864041-500 - Administrator - Disabled)
aneta (S-1-5-21-4254045699-3438346022-453864041-1001 - Administrator - Enabled) => C:\Users\aneta
DefaultAccount (S-1-5-21-4254045699-3438346022-453864041-503 - Limited - Disabled)
Guest (S-1-5-21-4254045699-3438346022-453864041-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4254045699-3438346022-453864041-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4254045699-3438346022-453864041-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1400 (HKLM-x32\...\{0919D141-CCBC-4751-997D-E022345643BE}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
1400_Help (HKLM-x32\...\{6FBE200D-1F00-40B7-BF48-FEB265AADE94}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (HKLM-x32\...\{6A3C2391-BCE2-4D28-A336-73B953B4502F}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (HKLM-x32\...\{D5045A94-1D46-44A7-9C4F-7D05B40D82EC}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{2DFDE21D-AFFE-4CDD-BBD4-3B7832BEC036}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.59 - AVAST Software)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (11/11/2015 6.0.0.66) (HKLM\...\82D024CBD181D16D72E5AE45A426919815D5F456) (Version: 11/11/2015 6.0.0.66 - ASUS)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.228 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camera RAW Plug-In for EPSON Creativity Suite (HKLM-x32\...\{42EDF895-158C-484E-A7F2-42B90759F281}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Attach To Email (HKLM-x32\...\{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Easy Photo Print (HKLM-x32\...\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}) (Version: 1.5.1.0 - SEIKO EPSON CORPORATION)
EPSON File Manager (HKLM-x32\...\{46CBBDF8-55B5-40DB-B459-7B848394309C}) (Version: 1.3.1.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EPSON Stylus SX200_SX400_TX200_TX400 Manuál (HKLM-x32\...\EPSON Stylus SX200_SX400_TX200_TX400 Uživatelská příručka) (Version: - )
EPSON Stylus SX400 Series Printer Uninstall (HKLM\...\EPSON Stylus SX400 Series) (Version: - SEIKO EPSON Corporation)
Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.6.18.11 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.9.24.3 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
iTunes (HKLM\...\{EB7E0903-21E9-4851-99D3-D7E54B51031C}) (Version: 12.7.0.166 - Apple Inc.)
KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
Ovládací panel NVIDIA 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 369.09 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
RemoveAds version 1.1 (HKLM-x32\...\{B97C999B-7BB3-4315-96E3-33AFD655454F}_is1) (Version: 1.1 - Major Share (MajorShare.com))
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.9.4.6.MultiLanguage - COOLWAREMAX)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9840 - Broadcom Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-07] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-07] (AVAST Software)
ContextMenuHandlers1-x32: [EPPShellEx] -> {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} => C:\Program Files (x86)\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll [2007-03-05] (SEIKO EPSON CORPORATION)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation)
ContextMenuHandlers1-x32: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\MCCTXM~1.DLL -> No File
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-07] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-07] (AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\MCCTXM~1.DLL -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026310A0-BEE0-4D02-95FE-B13DF7D1E60A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {05B689B4-FB7B-4649-A732-712E285A6F2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-20] (Microsoft Corporation)
Task: {088CAB1E-FF12-4F78-82E1-D768DD5CAD03} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {139C16A7-3169-44AE-BFC4-7117173DA81F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {15224158-A805-49EE-A0B7-68866FF71693} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1AD4D65C-AE99-4A3A-854F-6488CAB655DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {1C41A605-9DF4-4689-9C3C-250DC125C01E} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {2500E45E-E461-432E-8DB3-2A2D449FAD5D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-18] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B3FD5A8-5D3C-40BF-A7B1-D2179A8D2A57} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {45A4B3AD-8A75-4210-9BB2-2B67D57D9D93} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {4BFC36BB-DD92-4847-8176-43378B0EDCB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5358B876-61EB-44E1-BFDC-3DDA1C52C467} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {53EAB282-8C42-4799-B9EF-AE2949CCE38E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-07] (AVAST Software)
Task: {5905F36E-A38D-4CF5-900E-072CEDC52770} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-20] (Microsoft Corporation)
Task: {599DFC3C-2300-4A81-B7BD-BA776877EBAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {5B7B6B31-186F-4B89-A882-435C954B75B8} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6B5C639E-4867-40B3-B1F6-900188299473} - System32\Tasks\Opera scheduled Autoupdate 1454658783 => C:\Program Files (x86)\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {6E485102-7E6E-409F-8856-5701D879F99A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {72CFEA19-10CC-4846-8F3F-3E7E14F58E73} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {786C211C-0DF6-4C08-B525-90EF4CBBD609} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {7DE7FE99-3D2F-4E96-BE3E-3E91446A0A46} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {7EADCE64-FB72-4522-811D-A5E68DE870F5} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {7EF9551C-0D9A-4088-B380-C113A1B2F25E} - \WPD\SqmUpload_S-1-5-21-4254045699-3438346022-453864041-1001 -> No File <==== ATTENTION
Task: {8A8FFFC9-321B-41FB-B4FC-128379DCA8C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {8BE288C5-9D7D-4C2D-9987-D3A37C418DE5} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {8E6E3D8B-90FC-4A3A-8D33-F3ACDD161E73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {910CB03B-2432-4745-B785-D6C52B9363D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-20] (Microsoft Corporation)
Task: {A0C6DF60-6DA2-4DBD-971A-DE78AF8E1676} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A19967CF-E523-4023-ACB9-C08BD1F39C53} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {A921655A-EEAD-4DFC-962B-95DEB76BC77E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {AF4C7682-4108-47DF-B5F7-8E2B21C8E7A5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {B33FD910-F802-4A8E-9CC7-7D02D149F014} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BA60B54B-0A73-4CBF-AE80-76D7C7E2D7DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-06-27] (HP Inc.)
Task: {BEAE4FE1-EBC8-4DF5-93A5-79D580E0DB93} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-26] ()
Task: {C7E52340-39FB-44D3-A260-C5DA437933E1} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {C8120873-B2AB-480A-ADD9-56601A8D7510} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-20] (Microsoft Corporation)
Task: {DA64BB5A-D936-4D97-9A59-A5B9A8EFEE71} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {E7DC4150-685B-473F-8F05-C88704F0763D} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
Task: {ED1F049B-9FAB-417E-B934-E002845C8BC5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {F09FCD8C-2063-4EE3-B48B-246B86067AA6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForaneta.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-10-18 17:54 - 2016-08-01 14:54 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-11-30 22:57 - 2016-11-30 22:57 - 000401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-08-14 21:15 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-08-11 18:56 - 2018-08-11 18:57 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-11 18:56 - 2018-08-11 18:57 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-11 18:56 - 2018-08-11 18:56 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 17:23 - 2017-09-26 17:24 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-11 18:56 - 2018-08-11 18:57 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-09-11 15:45 - 2017-09-11 15:45 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-09-11 15:45 - 2017-09-11 15:45 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-05-10 17:09 - 2018-05-10 17:10 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-05-10 17:10 - 2018-05-10 17:10 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-05-10 17:10 - 2018-05-10 17:10 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-07-28 13:28 - 2018-07-28 13:30 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-28 13:28 - 2018-07-28 13:30 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-18 19:49 - 2017-10-18 19:57 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-03 19:55 - 2018-05-03 19:57 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-07-14 17:04 - 2018-07-14 17:06 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-07-14 17:04 - 2018-07-14 17:05 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-07-14 17:04 - 2018-07-14 17:06 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 17:26 - 2018-04-05 17:30 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-07-28 13:28 - 2018-07-28 13:30 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-14 17:04 - 2018-07-14 17:05 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-28 13:28 - 2018-07-28 13:29 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 21:06 - 2018-05-30 21:09 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-14 17:04 - 2018-07-14 17:06 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-07-28 13:28 - 2018-07-28 13:30 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-01 13:27 - 2018-08-01 13:27 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-08-01 13:27 - 2018-08-01 13:27 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-01 13:27 - 2018-08-01 13:27 - 007814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-07-19 16:58 - 2018-07-19 16:59 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-19 16:58 - 2018-07-19 16:59 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-19 16:58 - 2018-07-19 16:59 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-19 16:58 - 2018-07-19 16:59 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-19 16:58 - 2018-07-19 16:59 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-02 18:14 - 2018-07-02 18:14 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-07-25 21:03 - 2018-07-25 21:03 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2015-01-06 17:40 - 2015-01-06 17:40 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-03-21 21:01 - 2018-03-21 21:01 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-07 11:18 - 2018-08-07 11:18 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-07 11:15 - 2018-08-07 11:15 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [466]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4254045699-3438346022-453864041-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{3DD08DE9-44A8-44AF-9817-2454A342F79A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4B973F2B-7568-4002-AD69-AD9997E9D672}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{15B8B614-8C18-4A0A-B20C-06A9F022303F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8A540ABE-A5F3-45BA-A402-03FC43D06D80}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7E79545C-7E52-44FC-AFEC-3CD68BFCCF7D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [TCP Query User{BBCC9245-B978-4EFE-9687-CCB8741842B2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9FAC3786-EB2E-4531-8B83-2F88DC33B95A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{CE50D50B-E455-4312-8A1D-B9E7A57E987E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.147\deploy\leagueclient.exe
FirewallRules: [UDP Query User{73F8CD85-967E-4D73-92B7-E10F8903254D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [TCP Query User{2DF6F407-9599-45E1-8852-E5EDA26E7C48}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D7C3DCAA-2C2F-435A-AECE-FB6241ABD939}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [TCP Query User{43875289-AF02-4E8F-B300-EF81F254F92B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.143\deploy\leagueclient.exe
FirewallRules: [UDP Query User{455B231D-909D-4AE0-9806-81A21AD735E1}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{24DEE808-8FE7-47FB-909F-D06BE430EAAC}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{2787BE60-B2A9-43D7-A513-98EF71F8D4AF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{90DCBAC2-B2E0-44F4-82C8-3496038B86A5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{E4A5F1A2-89E3-4DF2-8BBE-45725F6F04FE}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{AE64BCF8-3A60-4747-9B3F-E8AE1E30A7A2}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{67FDE6CC-B07B-41DB-B3CD-8BFB8DFA2016}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [TCP Query User{F0BE672E-2ADB-45A2-8E9F-4DFA7912CDC5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D3B02B01-68C2-4AFF-92EB-EED8F3735A96}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [TCP Query User{EB6092D0-26C7-4E3B-A361-051E71DFB807}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [UDP Query User{170CDC6B-13AB-4D6E-8C46-E82E3C90BD7B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{57298532-C4FE-42F7-B7D7-B70188B4B519}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{EFBAEA2E-CECB-4004-B254-488B3DBD1FD9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{C36B962A-A9B5-4F6F-85C4-8BDA94D6E3A8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{63401618-BB9D-4512-AE4D-8702DA45683A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{1E507F92-AE5E-4223-AFB7-2AA290D7E120}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [{1AD85AD2-FF5B-40C4-99EB-EB2DE6E2665D}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
FirewallRules: [{42201877-F941-450C-A6A0-2B5F48FB8544}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{E197E3E0-3A47-4C80-996E-BDA7E9988CC5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{25E2E8AC-CA2D-41E6-A077-CBEF6AB506C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{36CCAE0E-8097-4393-AEEE-E093CA33029E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{DEE23962-2918-4C21-88E6-31F18AB32360}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{F1EEAD65-BFBB-4C7A-A247-3BE127E196D3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{62909C18-877A-4449-976A-0A057578FBA9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{93AC2DAC-9DAC-4F1D-9949-3216D56748B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{15AE4290-1F1A-4EAD-886A-4B7FBDCF969E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{317D1FA1-D397-47C6-9C2D-0602A5044730}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{DFC8017C-5667-4447-8B7F-F50AAF257101}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{0FCF6E52-B2D9-45C3-8721-85E825E3656D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{752A5623-9D6D-4786-AAD5-047CB8EC8221}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{7F656E36-855B-419D-950A-6DC7E986EAC4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CEC1D903-6746-4705-8D74-8030BEC4EF34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{A27BBD65-8A57-46D3-A9A4-9570C0351F81}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{0947DCCA-B844-4D15-AFD3-E51DF5D4DE39}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{B0BAF3D4-EC4F-4383-8C87-CE4C4ED3CD40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B6C8A936-4A17-4F5A-B609-0C05F85340CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{BB20FA79-A8A0-42CC-836D-6D63A512ED7A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C7D9227B-ABFD-43AD-B924-C40CF500AE3E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{533F1D5E-1349-4088-9C4C-8FF9657A9658}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{006DBAB1-2012-420E-A52C-AC84C929C137}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D96E9358-0A46-42BD-BE52-943F688D2F8B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C5EE1A50-4D5E-45D1-BA45-923DA900951B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75A28AC2-E19B-4065-9216-AE007C720A1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A8C69B6D-EA18-4EE9-A57F-7CD145FBA9E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{021C3CCC-E22E-4AF6-970A-6CD70ECC9522}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4886BC5-846A-46B6-8EE6-BA119F0C663B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9CF8039F-4CFD-4438-A734-6702C70EDB59}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
FirewallRules: [TCP Query User{C036D29C-1F6A-4829-A07F-E13C1A2F61EB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [UDP Query User{034881A8-B50F-4803-9C51-6183CE4D92F8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe
FirewallRules: [TCP Query User{C2FC2087-573C-4A2B-901A-DDF5918FBC29}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{A217D2C2-EA49-482E-B0F3-B87D72206BA4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [TCP Query User{EBEF1A2B-C4A9-412F-A118-2DF4A784D7AE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3A7CA618-AF7D-4A17-9A40-7D62CE4C190F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.155\deploy\leagueclient.exe
FirewallRules: [TCP Query User{6C226A2E-94F0-48DD-9C80-CDDA67533250}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [UDP Query User{EB430EE5-368D-469F-B49D-4014F90291CD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [TCP Query User{2209810A-482D-4B0B-BB84-F83263190655}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [UDP Query User{49C923F6-C335-4CD9-BA22-7D30B184280F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4264A043-E629-477C-B875-817392FB8F99}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{6B7E1F56-4269-4EFF-AE2A-F930F97F0A32}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [{ADF0053C-081E-4C92-A5FD-B7E4BA0C32CB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{1CDBF9E1-C36E-41B5-9AAA-82E568D5F1A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{71A28EBB-A7A8-4EE9-998E-BA39B0483A69}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{E031B8CC-8E37-4F5A-8B1F-A62AD1DC4BBF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [{DDE8A8C6-E5B7-4D6F-BB16-F7A55E57D5E7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe

==================== Restore Points =========================

14-08-2018 20:57:18 Windows Update
14-08-2018 20:59:40 Windows Update

==================== Faulty Device Manager Devices =============

Name: WebcamMax, WDM Video Capture
Description: WebcamMax, WDM Video Capture
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CoolwareMax
Service: WCMVCAM
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/21/2018 05:19:14 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/21/2018 05:18:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/21/2018 05:18:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AppleIEDAV.exe, verze: 2.1.15.81, časové razítko: 0x5b2e1ace
Název chybujícího modulu: AppleIEDAV_main.dll, verze: 2.1.15.81, časové razítko: 0x5b2f821e
Kód výjimky: 0xc0000005
Posun chyby: 0x002443d4
ID chybujícího procesu: 0x1e00
Čas spuštění chybující aplikace: 0x01d438afe176c54d
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV_main.dll
ID zprávy: 493285de-4f61-46a6-84ad-591d000261ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/21/2018 05:18:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30847485

Error: (08/21/2018 05:18:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30847485

Error: (08/21/2018 05:18:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/20/2018 08:44:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4047

Error: (08/20/2018 08:44:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4047


System errors:
=============
Error: (08/21/2018 05:21:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/20/2018 08:01:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/20/2018 08:01:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/20/2018 08:01:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/20/2018 07:29:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee CSP Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/20/2018 07:29:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby mccspsvc bylo dosaženo časového limitu (30000 ms).

Error: (08/20/2018 07:26:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WCMVCAM neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/20/2018 07:25:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll


Windows Defender:
===================================
Date: 2018-08-21 05:21:53.188
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\aneta\Downloads\FRSTLauncher.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Aneta\aneta
Název procesu: C:\Users\aneta\Desktop\FRST64.exe
Verze podpisu: AV: 1.273.1729.0, AS: 1.273.1729.0, NIS: 1.273.1729.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-08-20 20:01:19.807
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\aneta\Desktop\FRSTLauncher (1).exe; file:_C:\Users\aneta\Desktop\FRSTLauncher.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Aneta\aneta
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.273.1729.0, AS: 1.273.1729.0, NIS: 1.273.1729.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-08-20 20:01:19.254
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\aneta\Desktop\FRSTLauncher (1).exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Aneta\aneta
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.273.1729.0, AS: 1.273.1729.0, NIS: 1.273.1729.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

CodeIntegrity:
===================================

Date: 2018-08-20 17:42:29.073
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-20 17:42:28.903
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-20 17:42:28.888
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-20 17:42:28.802
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-20 17:42:28.517
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-19 14:13:13.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-19 14:13:13.664
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-19 14:13:13.587
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Common Files\AWS\2.1.11.399\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 66%
Total physical RAM: 3998.84 MB
Available physical RAM: 1338.9 MB
Total Virtual: 6814.84 MB
Available Virtual: 3826.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:257.79 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:541.82 GB) NTFS
Drive f: (Office_2007_cz_E) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS

\\?\Volume{ba5cc5a8-9c02-45e4-b042-641b84dbb4de}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{98941c61-617e-403d-9222-a96c4ead4c03}\ (Restore) (Fixed) (Total:15.01 GB) (Free:3.59 GB) NTFS
\\?\Volume{5b02d414-864c-4cc9-8d8f-c4e85fe42936}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A561C2EC)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Dal jste pouze Additional, ještě potřebuji vidět obsah souboru frst.txt.

[kuba7710]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
Ran by aneta (administrator) on ANETA (21-08-2018 05:20:02)
Running from C:\Users\aneta\Desktop
Loaded Profiles: aneta (Available Profiles: aneta)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.165_none_eaf410441d6d7311\TiWorker.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-07] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [WebcamMaxAutoRun] => C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [EPSON Stylus SX400 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: F - "F:\SETUP.EXE"
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: {a021c577-526f-11e5-8262-acb57dd8a8be} - "F:\SETUP.EXE"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-10-31]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4d75ab95-09f5-4dca-92e6-e74db3a4d1df}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9569b113-e9ba-41e1-a76e-1645270a1867}: [DhcpNameServer] 195.113.44.11 195.113.0.2

Internet Explorer:
==================
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\mcafee\msc\mcsniepl.dll No File

FireFox:
========
FF DefaultProfile: p6w2461c.default
FF ProfilePath: C:\Users\aneta\AppData\Roaming\Mozilla\Firefox\Profiles\p6w2461c.default [2018-04-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default [2018-08-19]
CHR Extension: (Prezentace) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Vyhledávání Google) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-08-19]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-03-11]
CHR Extension: (Tabulky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-05]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\aneta\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-08-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-07] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-07] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-09] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-10] (EasyAntiCheat Ltd)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-15] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-07] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-07] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-07] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-07] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-07] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467064 2018-08-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-07] (AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-09-08] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-08] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-08-20] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-08-20] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-20] (Microsoft Corporation)
S2 WCMVCAM; \SystemRoot\system32\DRIVERS\wcmvcam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-20 19:33 - 2018-08-20 19:29 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-08-20 19:16 - 2018-08-20 19:25 - 000000000 ____D C:\AdwCleaner
2018-08-20 19:15 - 2018-08-20 19:15 - 007395536 _____ (Malwarebytes) C:\Users\aneta\Desktop\AdwCleaner.exe
2018-08-20 18:09 - 2018-08-20 18:10 - 000024899 _____ C:\Users\aneta\Desktop\Addition.txt
2018-08-20 18:08 - 2018-08-21 05:21 - 000024619 _____ C:\Users\aneta\Desktop\FRST.txt
2018-08-20 18:02 - 2018-08-20 18:08 - 000000000 ____D C:\FRST
2018-08-20 17:57 - 2018-08-20 17:57 - 000112640 _____ C:\Users\aneta\Downloads\FRSTLauncher.exe
2018-08-20 17:50 - 2018-08-20 17:50 - 002413056 _____ (Farbar) C:\Users\aneta\Desktop\FRST64.exe
2018-08-19 14:11 - 2018-08-19 14:11 - 000000000 ___HD C:\OneDriveTemp
2018-08-16 22:29 - 2018-08-16 22:29 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-08-14 21:16 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-14 21:16 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-14 21:16 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-14 21:16 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-14 21:16 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-14 21:16 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-14 21:16 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-14 21:16 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-14 21:16 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-14 21:16 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-14 21:16 - 2018-07-14 08:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-14 21:16 - 2018-07-14 08:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-14 21:15 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-14 21:15 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-14 21:15 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-14 21:15 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-14 21:15 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-14 21:15 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-14 21:15 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-14 21:15 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-14 21:15 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-14 21:15 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-14 21:15 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-14 21:15 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-14 21:15 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-14 21:15 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-14 21:15 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-14 21:15 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-14 21:15 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-14 21:15 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-14 21:15 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-14 21:15 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-14 21:15 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-14 21:15 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-14 21:15 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-14 21:15 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-14 21:15 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-14 21:15 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-14 21:15 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-14 21:15 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-14 21:15 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-14 21:15 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-14 21:15 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-14 21:15 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-14 21:15 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-14 21:15 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-14 21:15 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-14 21:15 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-14 21:15 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-14 21:15 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-14 21:15 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-14 21:15 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-14 21:15 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-14 21:15 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-14 21:15 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-14 21:15 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-14 21:15 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-14 21:15 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-14 21:15 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-14 21:15 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-14 21:15 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-14 21:15 - 2018-07-15 02:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-14 21:15 - 2018-07-15 02:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-14 21:15 - 2018-07-15 02:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-14 21:15 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-14 21:15 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-14 21:15 - 2018-07-15 02:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-14 21:15 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-14 21:15 - 2018-07-15 02:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-14 21:15 - 2018-07-15 02:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-14 21:15 - 2018-07-15 02:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-14 21:15 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-14 21:15 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-14 21:15 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-14 21:15 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-14 21:15 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-14 21:15 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-14 21:15 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-14 21:15 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-14 21:15 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-14 21:15 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-14 21:15 - 2018-07-14 06:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-14 21:15 - 2018-07-14 06:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-14 21:15 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-14 21:15 - 2018-07-14 06:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-14 21:15 - 2018-07-14 06:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-14 21:15 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-14 21:15 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-14 21:15 - 2018-07-14 06:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-14 21:15 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-14 21:15 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-14 21:15 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-14 21:15 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-14 21:15 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-14 21:15 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-14 21:15 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-14 21:15 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-14 21:15 - 2018-07-14 05:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-14 21:15 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-14 21:15 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-14 21:15 - 2018-07-14 05:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-14 21:15 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-14 21:15 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-14 21:15 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-14 21:15 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-14 21:15 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-14 21:15 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-14 21:15 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-14 21:15 - 2018-07-14 05:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-14 21:15 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-14 21:15 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-14 21:15 - 2018-07-14 05:49 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-08-14 21:15 - 2018-07-14 05:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-14 21:14 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-14 21:14 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-14 21:14 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-14 21:14 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-14 21:14 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-14 21:14 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-14 21:14 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-14 21:14 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-14 21:14 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-14 21:14 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-14 21:14 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-14 21:14 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-14 21:14 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-14 21:14 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-14 21:14 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-14 21:14 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-14 21:14 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-14 21:14 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-14 21:14 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-14 21:14 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-14 21:14 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-14 21:14 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-14 21:14 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-14 21:14 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-14 21:14 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-14 21:14 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-14 21:14 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-14 21:14 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-14 21:14 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-14 21:14 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-14 21:14 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-14 21:14 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-14 21:14 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-14 21:14 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-14 21:14 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-14 21:14 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-14 21:14 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-14 21:14 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-14 21:14 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-14 21:14 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-14 21:14 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-14 21:14 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-14 21:14 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-14 21:14 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-14 21:14 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-14 21:14 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-14 21:14 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-14 21:14 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-14 21:14 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-14 21:14 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-14 21:14 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-14 21:14 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-14 21:14 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-14 21:14 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-14 21:14 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-14 21:14 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-14 21:14 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-14 21:14 - 2018-07-15 02:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-14 21:14 - 2018-07-15 02:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-14 21:14 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-14 21:14 - 2018-07-15 02:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-14 21:14 - 2018-07-15 02:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-14 21:14 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-14 21:14 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-14 21:14 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-14 21:14 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-14 21:14 - 2018-07-14 06:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-14 21:14 - 2018-07-14 06:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-14 21:14 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-14 21:14 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-14 21:14 - 2018-07-14 06:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-14 21:14 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-14 21:14 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-14 21:14 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-14 21:14 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-14 21:14 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-14 21:14 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-14 21:14 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-14 21:14 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-14 21:14 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-14 21:14 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-14 21:14 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-14 21:14 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-14 21:14 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-14 21:14 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-14 21:14 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-14 21:14 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-14 21:14 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-14 21:14 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-14 21:14 - 2018-07-14 05:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-14 21:14 - 2018-07-14 05:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-14 21:14 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-14 21:14 - 2018-07-14 05:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-14 21:14 - 2018-07-13 06:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-08 20:15 - 2018-08-21 05:18 - 000000000 ____D C:\Users\aneta\AppData\Local\CrashDumps
2018-08-08 18:41 - 2018-08-20 20:02 - 000000000 ___RD C:\Users\aneta\iCloudDrive
2018-08-08 18:41 - 2018-08-08 18:41 - 000000000 ____D C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2018-08-08 18:41 - 2018-08-08 18:41 - 000000000 ____D C:\Users\aneta\AppData\Local\Apple Inc
2018-08-08 18:31 - 2018-08-08 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-08-08 18:28 - 2018-08-08 20:42 - 000000000 ____D C:\Users\aneta\Desktop\fotky - tisk
2018-08-08 18:28 - 2018-08-08 18:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-08-08 18:28 - 2018-08-08 18:28 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-08-08 18:17 - 2018-08-08 18:23 - 160398136 _____ (Apple Inc.) C:\Users\aneta\Downloads\iCloudSetup.exe
2018-08-07 11:24 - 2018-08-07 11:21 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-07 11:22 - 2018-08-07 11:21 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-07-30 21:07 - 2018-07-30 21:08 - 020013056 _____ C:\Users\aneta\Downloads\Mikroskopická anatomie 10 - Žlázy s vnitřní sekrecí.ppt
2018-07-30 21:01 - 2018-07-30 21:01 - 001520649 _____ C:\Users\aneta\Downloads\Samoléčba gynekologických zánětů.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-21 05:18 - 2018-06-23 15:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-21 05:18 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-20 20:03 - 2015-09-02 21:21 - 000000000 ___RD C:\Users\aneta\OneDrive
2018-08-20 20:01 - 2017-10-18 17:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-20 20:01 - 2015-09-02 21:16 - 000000000 __SHD C:\Users\aneta\IntelGraphicsProfiles
2018-08-20 19:39 - 2018-06-23 16:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-08-20 19:39 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-20 19:26 - 2018-06-23 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-20 19:25 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-20 17:55 - 2018-04-05 17:16 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-20 17:55 - 2018-04-05 17:16 - 000002465 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-08-20 17:52 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-20 17:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-20 17:42 - 2018-06-23 16:12 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-19 14:13 - 2018-06-23 15:54 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-19 14:13 - 2018-04-12 17:50 - 000717712 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-19 14:13 - 2018-04-12 17:50 - 000144954 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-19 14:13 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-19 00:28 - 2017-11-06 21:36 - 000000000 ____D C:\Users\aneta\AppData\Roaming\TS3Client
2018-08-19 00:27 - 2018-06-23 16:12 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-19 00:27 - 2018-06-23 16:12 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-19 00:27 - 2018-06-23 16:12 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4254045699-3438346022-453864041-1001
2018-08-19 00:27 - 2018-06-23 16:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-08-18 20:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-15 18:45 - 2017-12-31 01:37 - 000000000 ___RD C:\Users\aneta\3D Objects
2018-08-15 18:45 - 2015-02-14 11:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-15 18:43 - 2018-06-23 15:37 - 000332144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-14 22:59 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-14 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-14 21:32 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-14 21:13 - 2015-09-13 01:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-14 21:01 - 2015-09-13 01:22 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-13 18:54 - 2018-04-05 17:14 - 000000000 ____D C:\Users\aneta\AppData\Local\AVAST Software
2018-08-12 20:08 - 2018-06-04 21:20 - 000000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForaneta.job
2018-08-11 19:02 - 2015-09-03 21:06 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-11 19:02 - 2015-09-03 21:06 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-11 18:26 - 2018-06-23 15:44 - 000002426 _____ C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-08 18:53 - 2016-06-15 11:14 - 000000000 ____D C:\Users\aneta\AppData\Roaming\Apple Computer
2018-08-08 18:41 - 2018-06-23 15:44 - 000000000 ____D C:\Users\aneta
2018-08-08 18:38 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-08-08 18:31 - 2016-06-15 11:14 - 000000000 ____D C:\Users\aneta\AppData\Local\Apple Computer
2018-08-08 18:30 - 2016-06-15 11:10 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-08-08 18:28 - 2016-06-15 11:12 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-08-07 12:44 - 2015-09-03 20:35 - 000467064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-07 11:22 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-07 11:21 - 2017-12-05 15:40 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-07 11:21 - 2015-09-03 20:35 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-07 11:16 - 2015-09-03 20:35 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-07 11:15 - 2018-01-06 15:38 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-07 11:15 - 2017-02-11 08:27 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-06 17:19 - 2018-07-11 21:36 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-06 17:19 - 2018-07-11 21:36 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-02 20:49 - 2018-06-23 16:45 - 000000000 ____D C:\ProgramData\Packages
2018-07-30 20:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2015-09-02 21:19 - 2018-02-23 21:50 - 000000165 _____ () C:\Users\aneta\AppData\Roaming\sp_data.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-23 15:37

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: F - "F:\SETUP.EXE"
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: {a021c577-526f-11e5-8262-acb57dd8a8be} - "F:\SETUP.EXE"
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Microsoft\BingBar
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1-x32: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\MCCTXM~1.DLL -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\MCCTXM~1.DLL -> No File
Task: {088CAB1E-FF12-4F78-82E1-D768DD5CAD03} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {15224158-A805-49EE-A0B7-68866FF71693} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1AD4D65C-AE99-4A3A-854F-6488CAB655DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {4BFC36BB-DD92-4847-8176-43378B0EDCB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6E485102-7E6E-409F-8856-5701D879F99A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {72CFEA19-10CC-4846-8F3F-3E7E14F58E73} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7EF9551C-0D9A-4088-B380-C113A1B2F25E} - \WPD\SqmUpload_S-1-5-21-4254045699-3438346022-453864041-1001 -> No File <==== ATTENTION
Task: {B33FD910-F802-4A8E-9CC7-7D02D149F014} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [466]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

V PC jsou 2 antivry (Avast a McAfee). Jeden z nich odinstalujte.

[kuba7710]

Fix result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
Ran by aneta (21-08-2018 19:11:04) Run:1
Running from C:\Users\aneta\Desktop
Loaded Profiles: aneta (Available Profiles: aneta)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: F - "F:\SETUP.EXE"
HKU\S-1-5-21-4254045699-3438346022-453864041-1001\...\MountPoints2: {a021c577-526f-11e5-8262-acb57dd8a8be} - "F:\SETUP.EXE"
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Microsoft\BingBar
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1-x32: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\MCCTXM~1.DLL -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\MCCTXM~1.DLL -> No File
Task: {088CAB1E-FF12-4F78-82E1-D768DD5CAD03} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {15224158-A805-49EE-A0B7-68866FF71693} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1AD4D65C-AE99-4A3A-854F-6488CAB655DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {4BFC36BB-DD92-4847-8176-43378B0EDCB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6E485102-7E6E-409F-8856-5701D879F99A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {72CFEA19-10CC-4846-8F3F-3E7E14F58E73} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7EF9551C-0D9A-4088-B380-C113A1B2F25E} - \WPD\SqmUpload_S-1-5-21-4254045699-3438346022-453864041-1001 -> No File <==== ATTENTION
Task: {B33FD910-F802-4A8E-9CC7-7D02D149F014} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [466]

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-4254045699-3438346022-453864041-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully
"HKU\S-1-5-21-4254045699-3438346022-453864041-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a021c577-526f-11e5-8262-acb57dd8a8be}" => removed successfully
HKLM\Software\Classes\CLSID\{a021c577-526f-11e5-8262-acb57dd8a8be} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
C:\Program Files (x86)\Microsoft\BingBar => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\McCtxMenuFrmWrk" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\McCtxMenuFrmWrk" => removed successfully
"HKLM\Software\Classes\CLSID\{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{088CAB1E-FF12-4F78-82E1-D768DD5CAD03}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088CAB1E-FF12-4F78-82E1-D768DD5CAD03}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15224158-A805-49EE-A0B7-68866FF71693}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15224158-A805-49EE-A0B7-68866FF71693}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AD4D65C-AE99-4A3A-854F-6488CAB655DE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AD4D65C-AE99-4A3A-854F-6488CAB655DE}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4BFC36BB-DD92-4847-8176-43378B0EDCB9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BFC36BB-DD92-4847-8176-43378B0EDCB9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E485102-7E6E-409F-8856-5701D879F99A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E485102-7E6E-409F-8856-5701D879F99A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72CFEA19-10CC-4846-8F3F-3E7E14F58E73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72CFEA19-10CC-4846-8F3F-3E7E14F58E73}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EF9551C-0D9A-4088-B380-C113A1B2F25E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EF9551C-0D9A-4088-B380-C113A1B2F25E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-4254045699-3438346022-453864041-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B33FD910-F802-4A8E-9CC7-7D02D149F014}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B33FD910-F802-4A8E-9CC7-7D02D149F014}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 66095764 B
Java, Flash, Steam htmlcache => 2009 B
Windows/system/drivers => 1252374 B
Edge => 61722819 B
Chrome => 858033714 B
Firefox => 5258848 B
Opera => 93819645 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11038 B
LocalService => 0 B
NetworkService => 8874 B
NetworkService => 0 B
aneta => 227748661 B

RecycleBin => 112 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:13:42 ====

[Rudy]

Snazáno. Nastala nějaká změna?

[kuba7710]

Počítač je o poznání svižnější. Můžu ještě udělat nějaké kroky pro jeho další zrychlení?

[Rudy]

Např. defragmentovat disk.

[kuba7710]

Moc děkuji za pomoc. Přeji hezký večer.

[Rudy]

Hezký den i vám a nemáte zač!