Zpomalený notebook

Zpráva

Gwenardell · #1 Příspěvek od **Gwenardell** » 07 črc 2019 10:27

Prosím o pomoc s notebookem, který je poslední dobou extrémně zpomalený, jde to poznat hlavně v prohlížeči.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by helen (administrator) on LAPTOP-S2PCB5HK (LENOVO 80JV) (07-07-2019 11:15:04)
Running from C:\Users\helen\Desktop
Loaded Profiles: helen (Available Profiles: helen)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxApp_48.54.25001.0_x64__8wekyb3d8bbwe\XboxApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Biometric and Context Agent -> Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\helen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Seznam.cz, a.s. -> ) C:\Users\helen\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\helen\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412920 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Bluetooth] => C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [535808 2015-07-08] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\helen\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\helen\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\helen\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\RunOnce: [Uninstall 19.086.0502.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\helen\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\amd64"
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\RunOnce: [Uninstall 19.086.0502.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\helen\AppData\Local\Microsoft\OneDrive\19.086.0502.0006"
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {a027a701-095f-11e9-9c70-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {db602746-20fd-11e9-9c73-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-30] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2015-07-08] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1031F5BB-2AC8-4108-B354-D626F2A01DCA} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {1A874086-5735-4C9B-8130-7A758BA462F6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F17FBA4-FFEA-4B50-AB50-06CEFDF68DCB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {20EBABF8-D8F1-4EE6-87A5-5E9709401047} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-12] (Adobe Inc. -> Adobe)
Task: {255CB322-11A5-4967-A7E9-A6DC82D138D1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {272873C5-2E6F-41D5-91DC-3593E17A4E16} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {274A019A-18D7-4741-B901-F0E24B450513} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {2CB43A2A-435A-483D-8A48-95B8F45B1850} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2D5B8379-B425-4C19-91BF-C66793725C26} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DBF3B5C-B78D-44FC-9A4F-E3C535CB1082} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {48538956-473E-4C00-A79F-91631A45A592} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\59759eaa-f9c8-478e-9c43-1b037ab743d2 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {49843303-D0C0-479A-B483-8D576ADC99B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4D71E0A9-DFC1-4998-BA05-BD88CD55AC1A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4F5564CC-664E-4243-9A91-D09C2A67703C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {55EB75EC-DCFF-4247-8126-3A025CEBF3CD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c62bf3e9-469c-4032-b8f3-f4a4e0c23a46 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {59CCBB61-3A58-431B-98BB-5996D63A3C45} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-06-24] (LENOVO -> Lenovo)
Task: {5FF7CC3C-4E23-449E-87F3-7033E88FF385} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {65DEA2C4-0657-4CA1-9223-F25B84CFB683} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {8219AB6D-5798-4AB9-AF2E-7BD0C5805B54} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {824E61D1-6C36-43F4-ACE2-3DD50D54F81A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8691357B-93C1-4554-9C90-4593639C0EE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {8C97DDB3-E245-4016-B008-FF9A0529A6EF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {94E6E880-9DCB-4D94-B1D6-4DC27E5CC091} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {96A4E098-562E-4E57-B6D9-B17DC98C043F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {990C989F-E7B3-4FB3-B00E-F510A853CA90} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F73A902-57D6-4659-BB8D-643C556A46B1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {A3821E52-1F98-4A56-AB94-B8CDDEAECC33} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-13] (LENOVO -> )
Task: {A8DCA070-90E8-4CB3-A0AD-05E12EC64A57} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5867125e-8b77-40f2-ae8d-60999802149e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {AA1AA359-1D68-4DF1-8795-872E3D998AEF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {AC842410-F378-476D-86B6-3ADE5DE1F1B7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {AD7D1577-65D5-4A61-BC00-0F57D9B2FD08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {B296730E-6216-4554-AAB7-C07A1B6F223C} - System32\Tasks\{1B2DA86E-7160-40E5-B184-74CCA60EF23E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\helen\Downloads\allinon1 - 3.58f\wog358f\Install.exe" -d "C:\Users\helen\Downloads\allinon1 - 3.58f\wog358f"
Task: {BF7CDD4C-1FE6-4194-B65D-56CC910FED86} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-12] (Adobe Inc. -> Adobe)
Task: {C231E787-0829-4DE0-B380-9E0D24C624DB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6FC7663-C77E-4992-B9B7-2EA06BFCAA6A} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-13] (LENOVO -> )
Task: {E8D15056-2900-4ECD-98CD-0597DE97712E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF330285-DBD0-4644-9324-DA2543B87945} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 176.74.128.10 176.74.128.11
Tcpip\..\Interfaces\{4dd19970-c1e3-4507-8169-91ee19f3688d}: [DhcpNameServer] 176.74.128.10 176.74.128.11

Internet Explorer:
==================
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=28314
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {0F8567B1-FA53-4600-8203-68880F2697E8} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {120C2082-DEEF-477B-BB1F-D10FF81C7CDC} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {5C5E67D6-A38D-4229-A1AC-E4DEE6D1F989} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {6A331565-8D53-4022-81D9-FB9EFBDC58DE} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {7F401C83-45B4-4F2B-856F-C5727D9DD7ED} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {AEF852C1-21F2-41BF-B89A-0528A934D187} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {B2518FA9-3ED0-4BFB-8459-63A58D2F34DB} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {BE6EE522-B49B-4E68-898B-82984AD5B3EE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {C068B513-AB32-4F64-B138-96263DD078D2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_28314
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel(R) Security True Key -> Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel(R) Security True Key -> Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: hkkqchdr.default
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default [2019-07-07]
FF Extension: (Firefox Hotfix) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-10] [Legacy]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\sp@avast.com.xpi [2019-06-06]
FF Extension: (Avast Online Security) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\wrc@avast.com.xpi [2019-06-08]
FF Extension: (No Name) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default [2019-04-29]
CHR Extension: (Slides) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-15]
CHR Extension: (Docs) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-15]
CHR Extension: (Google Drive) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-19]
CHR Extension: (Seznam doplněk - Email) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-03-15]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-03-15]
CHR Extension: (YouTube) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-19]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-15]
CHR Extension: (Sheets) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-22]
CHR Extension: (Avast Online Security) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-13]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-03-15]
CHR Extension: (Gmail) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [980224 2015-07-08] (Broadcom Corporation -> Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373736 2017-05-02] (Intel(R) pGFX -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Biometric and Context Agent -> Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc. -> McAfee, Inc.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267360 2017-01-23] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168104 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225600 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72800 2017-01-23] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-07 11:15 - 2019-07-07 11:17 - 000040166 _____ C:\Users\helen\Desktop\FRST.txt
2019-07-07 11:12 - 2019-07-07 11:12 - 002420224 _____ (Farbar) C:\Users\helen\Desktop\FRST64.exe
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ___HD C:\$SysReset
2019-07-01 19:26 - 2019-07-01 19:26 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-25 05:36 - 2019-06-25 06:01 - 467424252 _____ C:\Users\helen\Downloads\Downton Abbey s05e08.avi
2019-06-24 06:42 - 2019-06-24 06:59 - 323032842 _____ C:\Users\helen\Downloads\Downton Abbey s05e07.avi
2019-06-23 19:08 - 2019-06-23 19:11 - 000544256 _____ C:\Users\helen\Desktop\poster_Telc_2019.pdf
2019-06-23 18:58 - 2019-06-23 19:11 - 001981335 _____ C:\Users\helen\Downloads\poster_Telc_2019.pptx
2019-06-23 15:39 - 2019-06-23 15:57 - 328992170 _____ C:\Users\helen\Downloads\Downton Abbey s05e06.avi
2019-06-23 09:39 - 2019-06-23 09:57 - 321699118 _____ C:\Users\helen\Downloads\Downton-Abbey-S05E05.AVI.avi
2019-06-23 09:38 - 2019-06-23 09:38 - 000000000 ____D C:\ProgramData\TrueKey
2019-06-22 20:13 - 2019-06-22 20:30 - 304336877 _____ C:\Users\helen\Downloads\Downton.Abbey.s05e04.hdtv.x264-fov.mp4
2019-06-21 16:33 - 2019-06-21 16:49 - 283283320 _____ C:\Users\helen\Downloads\Downton.Abbey.s05e03.hdtv.x264-fov.avi
2019-06-20 23:32 - 2019-06-20 23:47 - 280919304 _____ C:\Users\helen\Downloads\Downton.Abbey.S05E02.HDTV.x264-RiVER.mp4
2019-06-20 20:52 - 2019-06-20 21:14 - 386141142 _____ C:\Users\helen\Downloads\Downton.Abbey.S05E01.HDTV.x264-TLA.mp4
2019-06-20 06:37 - 2019-06-20 07:11 - 631603954 _____ C:\Users\helen\Downloads\Downton-Abbey-S04E09a10.avi.part
2019-06-20 06:37 - 2019-06-20 06:37 - 000000000 _____ C:\Users\helen\Downloads\Downton-Abbey-S04E09a10.avi
2019-06-19 17:28 - 2019-06-19 17:40 - 220658874 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E08.mkv
2019-06-19 08:10 - 2019-06-19 08:19 - 168583481 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E07.mkv.part
2019-06-19 08:10 - 2019-06-19 08:10 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E07.mkv
2019-06-19 07:21 - 2019-06-19 07:30 - 168666517 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E06.mkv.part
2019-06-19 07:21 - 2019-06-19 07:21 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E06.mkv
2019-06-18 19:28 - 2019-07-02 19:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-06-18 17:43 - 2019-06-18 17:43 - 000001521 _____ C:\Users\helen\AppData\Local\recently-used.xbel
2019-06-18 07:29 - 2019-06-18 07:39 - 173410519 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E05.mkv.part
2019-06-18 07:29 - 2019-06-18 07:29 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E05.mkv
2019-06-16 15:39 - 2019-06-16 15:39 - 000174001 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E08.mkv
2019-06-14 18:54 - 2019-06-16 17:46 - 170189646 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E04.mkv.part
2019-06-14 18:54 - 2019-06-16 17:36 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E04.mkv
2019-06-14 17:51 - 2019-06-14 18:02 - 168682266 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E03.mkv
2019-06-14 17:38 - 2019-06-14 17:47 - 168727017 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E02.mkv
2019-06-14 17:11 - 2019-06-14 17:24 - 209766205 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E01.mkv
2019-06-14 15:49 - 2019-06-14 16:09 - 366879028 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E09.christmas.special.mkv
2019-06-13 07:31 - 2019-06-13 07:40 - 168633281 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E07.mkv.part
2019-06-13 07:31 - 2019-06-13 07:31 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E07.mkv
2019-06-12 23:43 - 2019-06-12 23:52 - 168401652 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E06.mkv.part
2019-06-12 23:43 - 2019-06-12 23:43 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E06.mkv
2019-06-12 23:00 - 2019-06-12 23:10 - 168478504 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E05.mkv.part
2019-06-12 23:00 - 2019-06-12 23:00 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E05.mkv
2019-06-12 21:44 - 2019-06-07 13:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 21:44 - 2019-06-07 13:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 21:44 - 2019-06-07 12:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-12 21:44 - 2019-06-07 12:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-12 21:44 - 2019-06-07 12:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 21:44 - 2019-06-07 12:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 21:44 - 2019-06-07 12:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 21:44 - 2019-06-07 12:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 21:44 - 2019-06-07 12:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 21:44 - 2019-06-07 12:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 21:44 - 2019-06-07 12:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 21:44 - 2019-06-07 12:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 21:44 - 2019-06-07 12:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 21:44 - 2019-06-07 12:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 21:44 - 2019-06-07 08:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-12 21:44 - 2019-06-07 08:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 21:44 - 2019-06-07 07:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 21:44 - 2019-06-07 07:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-12 21:44 - 2019-06-07 07:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-12 21:44 - 2019-06-07 07:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-12 21:44 - 2019-06-07 07:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-12 21:44 - 2019-06-07 07:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-12 21:44 - 2019-06-07 07:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 21:44 - 2019-06-07 07:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 21:44 - 2019-06-07 07:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-12 21:44 - 2019-06-07 07:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 21:44 - 2019-06-07 07:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-12 21:44 - 2019-06-07 07:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-12 21:44 - 2019-06-07 07:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-12 21:44 - 2019-06-07 07:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-12 21:44 - 2019-06-07 07:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-12 21:44 - 2019-06-07 07:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-12 21:44 - 2019-06-07 07:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-12 21:44 - 2019-06-07 07:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-12 21:44 - 2019-06-07 07:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-12 21:44 - 2019-06-07 07:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-12 21:44 - 2019-06-07 07:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-12 21:44 - 2019-06-07 07:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-12 21:44 - 2019-06-07 07:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-12 21:44 - 2019-06-07 07:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-12 21:44 - 2019-06-07 07:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-12 21:44 - 2019-06-07 07:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-12 21:44 - 2019-06-07 07:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-12 21:44 - 2019-05-19 00:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-12 21:44 - 2019-05-17 14:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-12 21:44 - 2019-05-17 14:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-12 21:44 - 2019-05-17 14:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-12 21:44 - 2019-05-17 14:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-12 21:44 - 2019-05-17 14:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-12 21:44 - 2019-05-17 14:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-12 21:44 - 2019-05-17 14:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-12 21:44 - 2019-05-17 14:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-12 21:44 - 2019-05-17 13:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-12 21:44 - 2019-05-17 10:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-12 21:44 - 2019-05-17 09:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-12 21:44 - 2019-05-17 08:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-12 21:44 - 2019-05-17 08:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 21:44 - 2019-05-17 08:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-12 21:44 - 2019-05-17 08:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-12 21:44 - 2019-05-17 08:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-12 21:44 - 2019-05-17 08:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 21:44 - 2019-05-17 08:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-12 21:44 - 2019-05-17 08:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-12 21:44 - 2019-05-17 08:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-12 21:44 - 2019-05-17 08:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-12 21:44 - 2019-05-17 08:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-12 21:44 - 2019-05-17 08:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-12 21:44 - 2019-05-17 08:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-12 21:44 - 2019-05-17 08:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-12 21:44 - 2019-05-17 08:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-12 21:44 - 2019-05-17 08:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-12 21:44 - 2019-05-17 08:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-12 21:44 - 2019-05-17 07:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-12 21:44 - 2019-05-17 07:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-12 21:44 - 2019-05-17 07:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-12 21:44 - 2019-05-17 07:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-12 21:44 - 2019-05-17 07:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-12 21:44 - 2019-05-17 07:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-12 21:44 - 2019-05-17 07:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-12 21:44 - 2019-05-17 07:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-12 21:44 - 2019-05-17 07:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-12 21:44 - 2019-05-17 07:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-12 21:44 - 2019-05-17 07:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-12 21:44 - 2019-05-17 07:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-12 21:43 - 2019-06-07 12:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 21:43 - 2019-06-07 12:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-12 21:43 - 2019-06-07 07:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-12 21:43 - 2019-06-07 07:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-12 21:43 - 2019-06-07 07:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-12 21:43 - 2019-06-07 07:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-12 21:43 - 2019-06-07 07:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-12 21:43 - 2019-06-07 07:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-12 21:43 - 2019-06-07 07:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-12 21:43 - 2019-06-07 07:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-12 21:43 - 2019-06-07 07:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-12 21:43 - 2019-06-07 07:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-12 21:43 - 2019-06-07 07:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-12 21:43 - 2019-06-07 07:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-12 21:43 - 2019-06-07 07:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-12 21:43 - 2019-06-07 07:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-12 21:43 - 2019-06-07 07:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-12 21:43 - 2019-06-07 07:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-12 21:43 - 2019-06-07 07:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-12 21:43 - 2019-06-07 07:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-12 21:43 - 2019-06-07 07:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-12 21:43 - 2019-06-07 06:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-12 21:43 - 2019-05-19 00:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-12 21:43 - 2019-05-19 00:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-12 21:43 - 2019-05-19 00:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-12 21:43 - 2019-05-17 14:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-12 21:43 - 2019-05-17 14:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-12 21:43 - 2019-05-17 14:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-12 21:43 - 2019-05-17 14:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-12 21:43 - 2019-05-17 14:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-12 21:43 - 2019-05-17 14:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-12 21:43 - 2019-05-17 14:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-12 21:43 - 2019-05-17 14:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-12 21:43 - 2019-05-17 14:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-12 21:43 - 2019-05-17 13:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-12 21:43 - 2019-05-17 13:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-12 21:43 - 2019-05-17 13:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-12 21:43 - 2019-05-17 13:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-12 21:43 - 2019-05-17 13:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-12 21:43 - 2019-05-17 13:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-12 21:43 - 2019-05-17 13:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-12 21:43 - 2019-05-17 11:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-12 21:43 - 2019-05-17 08:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-12 21:43 - 2019-05-17 08:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-12 21:43 - 2019-05-17 08:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-12 21:43 - 2019-05-17 08:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-12 21:43 - 2019-05-17 08:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-12 21:43 - 2019-05-17 08:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-12 21:43 - 2019-05-17 08:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-12 21:43 - 2019-05-17 08:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-12 21:43 - 2019-05-17 08:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-12 21:43 - 2019-05-17 08:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-12 21:43 - 2019-05-17 08:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-12 21:43 - 2019-05-17 08:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-12 21:43 - 2019-05-17 08:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-12 21:43 - 2019-05-17 08:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-12 21:43 - 2019-05-17 08:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-12 21:43 - 2019-05-17 08:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-12 21:43 - 2019-05-17 08:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-12 21:43 - 2019-05-17 08:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-12 21:43 - 2019-05-17 08:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-12 21:43 - 2019-05-17 08:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-12 21:43 - 2019-05-17 08:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-12 21:43 - 2019-05-17 08:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-06-12 21:43 - 2019-05-17 08:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-12 21:43 - 2019-05-17 08:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-12 21:43 - 2019-05-17 08:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-12 21:43 - 2019-05-17 08:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-06-12 21:43 - 2019-05-17 07:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-12 21:43 - 2019-05-17 07:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-12 21:43 - 2019-05-17 07:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-12 21:43 - 2019-05-17 07:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-12 21:43 - 2019-05-17 07:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-12 21:43 - 2019-05-17 07:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-12 21:43 - 2019-05-17 07:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-12 21:43 - 2019-05-17 07:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-12 21:43 - 2019-05-17 07:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-12 21:43 - 2019-05-17 07:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-12 21:43 - 2019-05-17 07:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-12 21:43 - 2019-05-17 07:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-12 21:43 - 2019-05-17 07:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-12 21:43 - 2019-05-17 07:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-12 21:43 - 2019-05-17 07:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-12 21:15 - 2019-06-12 21:24 - 168745492 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E04.mkv
2019-06-11 18:35 - 2019-06-11 18:45 - 166568259 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E03.mkv
2019-06-11 17:47 - 2019-06-11 17:47 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E02.mkv
2019-06-11 17:46 - 2019-06-11 17:56 - 168651097 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E02.mkv.part
2019-06-11 06:48 - 2019-06-11 06:59 - 209918902 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E01.mkv.part
2019-06-11 06:48 - 2019-06-11 06:48 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E01.mkv
2019-06-10 07:45 - 2019-06-10 08:05 - 366794237 _____ C:\Users\helen\Downloads\downton.abbey.christmas.special.2011.480p.mkv.part
2019-06-10 07:45 - 2019-06-10 07:45 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.christmas.special.2011.480p.mkv
2019-06-09 23:43 - 2019-06-09 23:52 - 170651733 _____ C:\Users\helen\Downloads\downton.abbey.s02e08.mkv
2019-06-09 22:57 - 2019-06-09 23:06 - 170709741 _____ C:\Users\helen\Downloads\downton.abbey.s02e07.mkv.part
2019-06-09 22:57 - 2019-06-09 22:57 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.s02e07.mkv
2019-06-09 21:39 - 2019-06-09 21:48 - 160118122 _____ C:\Users\helen\Downloads\downton.abbey.s02e06.mkv.part
2019-06-09 21:39 - 2019-06-09 21:39 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.s02e06.mkv
2019-06-09 20:29 - 2019-06-09 20:39 - 170368438 _____ C:\Users\helen\Downloads\downton.abbey.s02e05.mkv
2019-06-09 14:07 - 2019-06-09 14:56 - 295035930 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E04.720p.BluRay.x265.HEVC.TVS.Farda.DL.mkv.part
2019-06-09 14:07 - 2019-06-09 14:07 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E04.720p.BluRay.x265.HEVC.TVS.Farda.DL.mkv
2019-06-09 13:11 - 2019-06-09 13:34 - 405417727 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E03.DVDRip.XviD-0.mkv.part
2019-06-09 13:11 - 2019-06-09 13:11 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E03.DVDRip.XviD-0.mkv
2019-06-08 19:20 - 2019-06-08 19:35 - 160241535 _____ C:\Users\helen\Downloads\downton.abbey.s02e02.mkv.part
2019-06-08 19:20 - 2019-06-08 19:20 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.s02e02.mkv
2019-06-08 09:56 - 2019-06-08 10:55 - 362546806 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E01.720p.BluRay.x265.HEVC.TVS.Farda.DL.mkv.part
2019-06-07 09:04 - 2019-06-07 09:14 - 181589241 _____ C:\Users\helen\Downloads\downton.abbey.s01e07.Tehmovies.ir.mkv
2019-06-07 00:18 - 2019-06-07 00:27 - 168435076 _____ C:\Users\helen\Downloads\downton.abbey.s01e06.Tehmovies.ir.mkv

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-07 11:15 - 2017-10-16 22:12 - 000000000 ____D C:\FRST
2019-07-07 11:08 - 2018-06-16 08:38 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{62D9231A-5F82-4B44-B1D0-93D26DD0F831}
2019-07-07 11:07 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-07 10:55 - 2018-06-15 02:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-05 18:05 - 2018-01-12 17:43 - 000000000 ____D C:\Users\helen\AppData\Local\Packages
2019-07-05 04:10 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-04 18:58 - 2018-06-16 08:38 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-31940000-418457942-2495688642-1001
2019-07-04 18:58 - 2018-06-16 08:12 - 000002366 _____ C:\Users\helen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-04 18:58 - 2016-06-24 17:31 - 000000000 ___RD C:\Users\helen\OneDrive
2019-07-02 16:58 - 2018-06-16 08:38 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-01 21:07 - 2018-06-16 08:38 - 000003746 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-01 21:07 - 2018-06-16 08:38 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-01 21:07 - 2018-06-16 08:38 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-01 21:07 - 2018-06-16 08:38 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-01 21:07 - 2018-06-16 08:38 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-01 21:07 - 2018-06-16 08:38 - 000002374 _____ C:\WINDOWS\System32\Tasks\{1B2DA86E-7160-40E5-B184-74CCA60EF23E}
2019-07-01 21:07 - 2018-06-16 08:38 - 000002274 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2019-07-01 21:07 - 2018-06-16 08:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-07-01 20:36 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-01 19:25 - 2015-09-02 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-01 19:11 - 2016-11-18 22:12 - 000000000 ____D C:\Users\helen\AppData\LocalLow\Mozilla
2019-06-30 13:13 - 2018-08-19 22:04 - 000000000 ____D C:\Users\helen\AppData\Local\CrashDumps
2019-06-30 11:09 - 2019-04-17 19:40 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-30 11:09 - 2019-04-17 19:40 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-30 11:09 - 2018-04-09 00:17 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-30 11:09 - 2018-04-09 00:17 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-06-30 10:52 - 2018-07-09 20:28 - 000000000 ____D C:\ProgramData\Packages
2019-06-30 10:34 - 2018-06-16 08:12 - 000000000 ____D C:\Users\helen
2019-06-30 10:34 - 2017-10-25 20:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-30 10:34 - 2016-06-24 17:27 - 000000000 __SHD C:\Users\helen\IntelGraphicsProfiles
2019-06-30 10:29 - 2018-06-16 08:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-30 10:29 - 2016-06-24 17:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-25 06:01 - 2016-06-25 12:26 - 000000000 ____D C:\Users\helen\AppData\Roaming\vlc
2019-06-21 23:54 - 2017-03-19 19:23 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-21 23:54 - 2017-03-19 19:23 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-21 18:24 - 2017-09-29 16:59 - 000000000 ____D C:\Program Files\rempl
2019-06-20 18:47 - 2016-08-10 10:11 - 000168104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-19 10:15 - 2018-06-16 08:23 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-19 10:15 - 2018-06-15 12:28 - 000717298 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-19 10:15 - 2018-06-15 12:28 - 000145074 _____ C:\WINDOWS\system32\perfc005.dat
2019-06-19 10:15 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-19 10:12 - 2016-06-24 17:33 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-19 10:10 - 2018-01-12 18:10 - 000000000 ___RD C:\Users\helen\3D Objects
2019-06-19 10:10 - 2016-04-27 08:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-19 10:08 - 2018-06-15 02:48 - 000434080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-19 10:06 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-19 10:01 - 2016-08-23 13:44 - 000000000 ____D C:\Users\helen\.gimp-2.8
2019-06-18 17:43 - 2016-08-23 13:49 - 000000000 ____D C:\Users\helen\AppData\Local\gtk-2.0
2019-06-18 17:08 - 2017-07-08 18:19 - 000000000 ____D C:\Program Files\UNP
2019-06-18 07:33 - 2016-08-10 10:11 - 000225600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-14 19:00 - 2016-06-26 08:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 21:24 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-12 22:21 - 2016-06-25 08:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 21:40 - 2016-06-25 08:21 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-12 07:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-06-12 07:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories ================

2019-06-18 17:43 - 2019-06-18 17:43 - 000001521 _____ () C:\Users\helen\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by helen (07-07-2019 11:18:33)
Running from C:\Users\helen\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-06-16 06:40:31)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-31940000-418457942-2495688642-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-31940000-418457942-2495688642-503 - Limited - Disabled)
Guest (S-1-5-21-31940000-418457942-2495688642-501 - Limited - Disabled)
helen (S-1-5-21-31940000-418457942-2495688642-1001 - Administrator - Enabled) => C:\Users\helen
WDAGUtilityAccount (S-1-5-21-31940000-418457942-2495688642-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden
Atom (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\atom) (Version: 1.32.2 - GitHub Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.0.1447.80 - AVAST Software)
calibre (HKLM-x32\...\{4E5DD3E4-963F-4EDA-8863-A6B691CECC1E}) (Version: 2.76.0 - Kovid Goyal)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.2.1.8311 - Thomson Reuters)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Git version 2.19.1 (HKLM\...\Git_is1) (Version: 2.19.1 - The Git Development Community)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Heroes of Might and Magic 2 GOLD (HKLM-x32\...\Heroes of Might and Magic 2 GOLD_is1) (Version: - GOG.com)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.135.1 - Intel Security)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kits Configuration Installer (HKLM-x32\...\{6F502640-B753-C101-FFA5-B38C3FA5B29A}) (Version: 10.1.17134.12 - Microsoft) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.690 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 7.35.267 - Lenovo)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.30.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1298.831 - Microsoft Corporation)
Mozilla Firefox 67.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.3 (x64 cs)) (Version: 67.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.3.7108 - Mozilla)
MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Python 3.6.4 (32-bit) (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\{9218130b-5ad0-4cf7-82be-6993cfd6cb84}) (Version: 3.6.4150.0 - Python Software Foundation)
Python 3.6.4 Add to Path (32-bit) (HKLM-x32\...\{B7F6071F-CC88-469C-9AC6-BEBA83594819}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Core Interpreter (32-bit) (HKLM-x32\...\{D188614B-E656-4EF1-9F5A-23559EBE8F5A}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Development Libraries (32-bit) (HKLM-x32\...\{C3797E33-967D-4687-8F1A-9DE771A00125}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Documentation (32-bit) (HKLM-x32\...\{E09874D3-E898-4AB6-B043-EE24DF786088}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Executables (32-bit) (HKLM-x32\...\{47A75DB9-F3F5-4697-9261-DBA5162DBB9E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 pip Bootstrap (32-bit) (HKLM-x32\...\{54142B43-2FA5-4BBA-BF03-27C10EB50C1E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Standard Library (32-bit) (HKLM-x32\...\{2832768E-9BCA-4421-950C-7186B3BDFC45}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Tcl/Tk Support (32-bit) (HKLM-x32\...\{20888FA1-8127-42E3-969F-9BF93245AC83}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Test Suite (32-bit) (HKLM-x32\...\{D14FB2FA-51B2-415C-93BF-5053102235EE}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Utility Scripts (32-bit) (HKLM-x32\...\{D0730E44-E519-4F39-B926-E2FC0449D67C}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B42FF40A-60D4-4096-AC47-C86153D72797}) (Version: 3.6.6196.0 - Python Software Foundation)
qBittorrent 3.3.11 (HKLM-x32\...\qBittorrent) (Version: 3.3.11 - The qBittorrent project)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SDK ARM Additions (HKLM-x32\...\{346B2C02-CC0D-6E09-8B9D-CAA2821473CF}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{825784BB-114D-ADB3-B65F-E1EB2A63C3BC}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Seznam Software (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SnapGene Viewer (HKLM-x32\...\SnapGene Viewer) (Version: 4.3.7 - GSL Biotech LLC)
Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{BA6F1D53-C3F2-F9D5-80CE-CEF608E36AD3}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{6E43CA0C-046E-4F38-A0A2-3B1BA139B661}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
vcpp_crt.redist.clickonce (HKLM-x32\...\{D182FB25-9A73-4725-A2C4-2C33900B920E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Visual Studio Build Tools 2017 (HKLM-x32\...\5cf44176) (Version: 15.8.28010.2046 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Windows Driver Package - Pololu Corporation CP2102 USB-to-Serial Bridge Driver (10/05/2012 6.6.0.0) (HKLM\...\CBDC7C39EE7C949A0CE5E2BAFB214055611003A7) (Version: 10/05/2012 6.6.0.0 - Pololu Corporation)
Windows Driver Package - Silicon Laboratories (silabenm) Ports (10/05/2012 6.6.0.0) (HKLM\...\5118100F6945E20FB40C6DEA7D3D348AFD9E43D7) (Version: 10/05/2012 6.6.0.0 - Silicon Laboratories)
Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{E77C2F78-6089-48F8-89DF-DDF2850DFFD9}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.142.300.0_x86__kgqvnymyfvs32 [2019-07-01] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-30] (HP Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-01-03] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-26] (LENOVO INC.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.8.0_x64__8wekyb3d8bbwe [2018-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.9.0_x64__8wekyb3d8bbwe [2018-08-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-11-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-04-19] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-30] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Microsoft Treasure Hunt -> C:\Program Files\WindowsApps\Microsoft.MicrosoftTreasureHunt_1.2.1812.2011_x86__8wekyb3d8bbwe [2019-03-23] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-15] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-31940000-418457942-2495688642-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-01-30 19:38 - 2016-09-22 08:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2015-05-19 18:11 - 2015-05-19 18:11 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2017-01-30 19:39 - 2016-09-22 08:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2017-01-30 19:39 - 2016-09-22 08:06 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\MSVCR71.dll
2018-04-20 04:18 - 2018-04-20 04:18 - 000444416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\D3DREF9.DLL
2018-06-16 08:15 - 2018-06-16 08:15 - 001105920 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL
2018-06-16 08:15 - 2018-06-16 08:15 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
2018-06-16 08:15 - 2018-06-16 08:15 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80ENU.DLL
2017-01-30 19:39 - 2016-09-22 08:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll
2016-08-04 20:46 - 2014-07-08 13:07 - 001148928 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\TrueKey\SQLite.Interop.dll
2019-03-15 09:38 - 2018-08-12 21:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-08 08:04 - 000000869 _____ C:\WINDOWS\system32\drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 176.74.128.10 - 176.74.128.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF9264E1-F9DE-41EC-AADD-E26B3275FE22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{5AB112F1-CD08-465B-AF21-A16E26891E90}C:\users\helen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helen\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{4AC97270-21FB-4D28-AE69-A7A3941AB86C}C:\users\helen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helen\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{ACC83C66-2D6F-4429-9DF6-5BE20798F6BD}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{AFB8763A-8F81-49E7-89D6-6895D56FBE1E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{B9A1AC6B-4AAC-4FC0-902E-2F54BA20DABD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D92CDE5-FDF2-49D8-B82B-74C59F54F630}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{ED9B406C-7333-4E97-AC30-A7063F3F2965}C:\gog games\heroes of might and magic 3 complete\heroes3.exe] => (Allow) C:\gog games\heroes of might and magic 3 complete\heroes3.exe No File
FirewallRules: [UDP Query User{B9406F95-F881-45C9-94C0-0D63AA05A5C5}C:\gog games\heroes of might and magic 3 complete\heroes3.exe] => (Allow) C:\gog games\heroes of might and magic 3 complete\heroes3.exe No File
FirewallRules: [TCP Query User{AA44ECDE-B654-4C32-807D-74B00D738DF2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{FF8CC766-3569-4B8C-B472-A8E838325723}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{30B2E0A0-53F4-4007-A512-20E6F8699E84}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{008DEF7C-80EF-48F7-AB4F-024F9019A622}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{1FBF4027-FA51-4F5C-98C8-B15B513DC32C}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [UDP Query User{B67908C7-B50F-45DA-B766-37EF36903D22}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{83B2740E-3DEA-40BC-9C75-C30FC0B5621D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{574F463C-485D-4CEB-BC0B-063430F14AC2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8F6B940F-6212-48E0-8972-A414C6A76339}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4BDD7485-B63E-4427-B358-A4D23CDD2DFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2B3D62B9-420D-4A56-8128-A9B0DED9C3E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{C3D7FFA8-3A8C-4775-BB03-9151B788743E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{DD6F81BD-34AE-4496-BE6B-8AAF40ECC73C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{89DA6BBF-4FF3-4D6A-A2CC-9F01C9EC2E77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{E5FDF4D9-2928-4B10-9833-7AC2BA659557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File
FirewallRules: [{07BD2464-28FC-4C75-A311-9E1C0C8F8CAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File
FirewallRules: [TCP Query User{20F131EB-0F61-43B5-BC8F-7739540E3AC2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{50B78EB7-EBE1-4F8B-AC29-AE5826B7CDA5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E4F90CC2-5FC8-4F11-9AD3-A1BB35076591}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69D4F0AF-5B38-44B9-952F-516CD90B43F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66D6711F-5EA3-49A6-B858-A471ADD97DE1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CD0F5CB3-4562-4D02-B3DC-D7A946F4156A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6D98263-8AED-4CF7-A0DF-72166609F2B9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC7CD67B-A833-462D-A4B1-F009524B19EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{63AB6ACD-8F3E-43BD-855A-79DF38A4959D}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

12-06-2019 21:38:53 Windows Update
21-06-2019 18:22:37 Windows Update
30-06-2019 17:16:53 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2019 11:09:24 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (07/07/2019 11:09:22 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/07/2019 11:07:57 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/05/2019 09:23:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/05/2019 09:07:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/05/2019 08:23:25 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/05/2019 08:07:38 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/05/2019 07:23:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

System errors:
=============
Error: (07/07/2019 11:17:24 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S2PCB5HK)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-S2PCB5HK\helen SID (S-1-5-21-31940000-418457942-2495688642-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2019 11:08:17 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S2PCB5HK)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user LAPTOP-S2PCB5HK\helen SID (S-1-5-21-31940000-418457942-2495688642-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2019 11:01:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/05/2019 09:09:38 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S2PCB5HK)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-S2PCB5HK\helen SID (S-1-5-21-31940000-418457942-2495688642-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/05/2019 09:03:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/05/2019 08:59:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/05/2019 08:23:51 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S2PCB5HK)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-S2PCB5HK\helen SID (S-1-5-21-31940000-418457942-2495688642-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/05/2019 08:09:32 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S2PCB5HK)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-S2PCB5HK\helen SID (S-1-5-21-31940000-418457942-2495688642-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

==================== Memory info ===========================

BIOS: Lenovo BDCN71WW 08/03/2016
Motherboard: LENOVO Lenovo U41-70
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 80%
Total physical RAM: 4001.92 MB
Available physical RAM: 790.51 MB
Total Virtual: 10063.73 MB
Available Virtual: 3491.33 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:419.45 GB) (Free:336.63 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.45 GB) NTFS

\\?\Volume{253911bd-8f26-4382-adc2-a3e87ebe024b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{3234bc63-a5c0-47f9-bc55-a89935bf2adf}\ (LENOVO_PART) (Fixed) (Total:19.09 GB) (Free:7.05 GB) NTFS
\\?\Volume{a4f53d4c-23d1-4ee8-b7f6-747619b31131}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3495B3E9)

Partition: GPT.

==================== End of Addition.txt ============================

#2 Příspěvek od **Diallix** » 07 črc 2019 11:15

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

Gwenardell · #3 Příspěvek od **Gwenardell** » 07 črc 2019 12:03

Dobrý den,

děkuji. Tady je obsah logu:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-07-2019
# Duration: 00:00:08
# OS: Windows 10 Home
# Cleaned: 12
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\helen\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2297 octets] - [07/07/2019 12:51:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Diallix** » 07 črc 2019 12:08

poprosim o nove logy z FRST + ADDITION

Gwenardell · #5 Příspěvek od **Gwenardell** » 07 črc 2019 12:22

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by helen (administrator) on LAPTOP-S2PCB5HK (LENOVO 80JV) (07-07-2019 13:15:54)
Running from C:\Users\helen\Desktop
Loaded Profiles: helen (Available Profiles: helen)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Biometric and Context Agent -> Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\helen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412920 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Bluetooth] => C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [535808 2015-07-08] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {a027a701-095f-11e9-9c70-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {db602746-20fd-11e9-9c73-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-30] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2015-07-08] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1031F5BB-2AC8-4108-B354-D626F2A01DCA} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
Task: {1A874086-5735-4C9B-8130-7A758BA462F6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F17FBA4-FFEA-4B50-AB50-06CEFDF68DCB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {20EBABF8-D8F1-4EE6-87A5-5E9709401047} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-12] (Adobe Inc. -> Adobe)
Task: {255CB322-11A5-4967-A7E9-A6DC82D138D1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {272873C5-2E6F-41D5-91DC-3593E17A4E16} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {274A019A-18D7-4741-B901-F0E24B450513} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {2CB43A2A-435A-483D-8A48-95B8F45B1850} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2D5B8379-B425-4C19-91BF-C66793725C26} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DBF3B5C-B78D-44FC-9A4F-E3C535CB1082} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {48538956-473E-4C00-A79F-91631A45A592} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\59759eaa-f9c8-478e-9c43-1b037ab743d2 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {49843303-D0C0-479A-B483-8D576ADC99B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4D71E0A9-DFC1-4998-BA05-BD88CD55AC1A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4F5564CC-664E-4243-9A91-D09C2A67703C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {55EB75EC-DCFF-4247-8126-3A025CEBF3CD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c62bf3e9-469c-4032-b8f3-f4a4e0c23a46 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {59CCBB61-3A58-431B-98BB-5996D63A3C45} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-06-24] (LENOVO -> Lenovo)
Task: {5FF7CC3C-4E23-449E-87F3-7033E88FF385} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {65DEA2C4-0657-4CA1-9223-F25B84CFB683} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {8219AB6D-5798-4AB9-AF2E-7BD0C5805B54} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {824E61D1-6C36-43F4-ACE2-3DD50D54F81A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8691357B-93C1-4554-9C90-4593639C0EE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {8C97DDB3-E245-4016-B008-FF9A0529A6EF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {94E6E880-9DCB-4D94-B1D6-4DC27E5CC091} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {96A4E098-562E-4E57-B6D9-B17DC98C043F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {990C989F-E7B3-4FB3-B00E-F510A853CA90} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F73A902-57D6-4659-BB8D-643C556A46B1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {A3821E52-1F98-4A56-AB94-B8CDDEAECC33} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-13] (LENOVO -> )
Task: {A8DCA070-90E8-4CB3-A0AD-05E12EC64A57} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5867125e-8b77-40f2-ae8d-60999802149e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {AA1AA359-1D68-4DF1-8795-872E3D998AEF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {AC842410-F378-476D-86B6-3ADE5DE1F1B7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {AD7D1577-65D5-4A61-BC00-0F57D9B2FD08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-19] (Google Inc -> Google Inc.)
Task: {B296730E-6216-4554-AAB7-C07A1B6F223C} - System32\Tasks\{1B2DA86E-7160-40E5-B184-74CCA60EF23E} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\helen\Downloads\allinon1 - 3.58f\wog358f\Install.exe" -d "C:\Users\helen\Downloads\allinon1 - 3.58f\wog358f"
Task: {BF7CDD4C-1FE6-4194-B65D-56CC910FED86} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-12] (Adobe Inc. -> Adobe)
Task: {C231E787-0829-4DE0-B380-9E0D24C624DB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6FC7663-C77E-4992-B9B7-2EA06BFCAA6A} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-13] (LENOVO -> )
Task: {E8D15056-2900-4ECD-98CD-0597DE97712E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF330285-DBD0-4644-9324-DA2543B87945} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 176.74.128.10 176.74.128.11
Tcpip\..\Interfaces\{4dd19970-c1e3-4507-8169-91ee19f3688d}: [DhcpNameServer] 176.74.128.10 176.74.128.11

Internet Explorer:
==================
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=28314
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {0F8567B1-FA53-4600-8203-68880F2697E8} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {120C2082-DEEF-477B-BB1F-D10FF81C7CDC} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {5C5E67D6-A38D-4229-A1AC-E4DEE6D1F989} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {6A331565-8D53-4022-81D9-FB9EFBDC58DE} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {7F401C83-45B4-4F2B-856F-C5727D9DD7ED} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {AEF852C1-21F2-41BF-B89A-0528A934D187} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {B2518FA9-3ED0-4BFB-8459-63A58D2F34DB} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {BE6EE522-B49B-4E68-898B-82984AD5B3EE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_28314
SearchScopes: HKU\S-1-5-21-31940000-418457942-2495688642-1001 -> {C068B513-AB32-4F64-B138-96263DD078D2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_28314
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel(R) Security True Key -> Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel(R) Security True Key -> Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: hkkqchdr.default
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default [2019-07-07]
FF Extension: (Firefox Hotfix) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-10] [Legacy]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\sp@avast.com.xpi [2019-06-06]
FF Extension: (Avast Online Security) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\wrc@avast.com.xpi [2019-06-08]
FF Extension: (No Name) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default [2019-04-29]
CHR Extension: (Slides) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-15]
CHR Extension: (Docs) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-15]
CHR Extension: (Google Drive) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-19]
CHR Extension: (Seznam doplněk - Email) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-03-15]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-03-15]
CHR Extension: (YouTube) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-19]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-15]
CHR Extension: (Sheets) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-22]
CHR Extension: (Avast Online Security) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-13]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-03-15]
CHR Extension: (Gmail) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [980224 2015-07-08] (Broadcom Corporation -> Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373736 2017-05-02] (Intel(R) pGFX -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Biometric and Context Agent -> Intel(R) Corporation)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc. -> McAfee, Inc.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267360 2017-01-23] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc. -> McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168104 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225600 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72800 2017-01-23] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-07 12:46 - 2019-07-07 12:46 - 007025360 _____ (Malwarebytes) C:\Users\helen\Desktop\adwcleaner_7.3.exe
2019-07-07 11:18 - 2019-07-07 11:23 - 000042166 _____ C:\Users\helen\Desktop\Addition.txt
2019-07-07 11:15 - 2019-07-07 13:18 - 000037332 _____ C:\Users\helen\Desktop\FRST.txt
2019-07-07 11:12 - 2019-07-07 11:12 - 002420224 _____ (Farbar) C:\Users\helen\Desktop\FRST64.exe
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ___HD C:\$SysReset
2019-07-02 19:18 - 2019-07-07 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-07-01 19:26 - 2019-07-01 19:26 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-01 19:26 - 2019-07-01 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-25 05:36 - 2019-06-25 06:01 - 467424252 _____ C:\Users\helen\Downloads\Downton Abbey s05e08.avi
2019-06-24 06:42 - 2019-06-24 06:59 - 323032842 _____ C:\Users\helen\Downloads\Downton Abbey s05e07.avi
2019-06-23 19:08 - 2019-06-23 19:11 - 000544256 _____ C:\Users\helen\Desktop\poster_Telc_2019.pdf
2019-06-23 18:58 - 2019-06-23 19:11 - 001981335 _____ C:\Users\helen\Downloads\poster_Telc_2019.pptx
2019-06-23 15:39 - 2019-06-23 15:57 - 328992170 _____ C:\Users\helen\Downloads\Downton Abbey s05e06.avi
2019-06-23 09:39 - 2019-06-23 09:57 - 321699118 _____ C:\Users\helen\Downloads\Downton-Abbey-S05E05.AVI.avi
2019-06-23 09:38 - 2019-06-23 09:38 - 000000000 ____D C:\ProgramData\TrueKey
2019-06-22 20:13 - 2019-06-22 20:30 - 304336877 _____ C:\Users\helen\Downloads\Downton.Abbey.s05e04.hdtv.x264-fov.mp4
2019-06-21 16:33 - 2019-06-21 16:49 - 283283320 _____ C:\Users\helen\Downloads\Downton.Abbey.s05e03.hdtv.x264-fov.avi
2019-06-20 23:32 - 2019-06-20 23:47 - 280919304 _____ C:\Users\helen\Downloads\Downton.Abbey.S05E02.HDTV.x264-RiVER.mp4
2019-06-20 20:52 - 2019-06-20 21:14 - 386141142 _____ C:\Users\helen\Downloads\Downton.Abbey.S05E01.HDTV.x264-TLA.mp4
2019-06-20 06:37 - 2019-06-20 07:11 - 631603954 _____ C:\Users\helen\Downloads\Downton-Abbey-S04E09a10.avi.part
2019-06-20 06:37 - 2019-06-20 06:37 - 000000000 _____ C:\Users\helen\Downloads\Downton-Abbey-S04E09a10.avi
2019-06-19 17:28 - 2019-06-19 17:40 - 220658874 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E08.mkv
2019-06-19 08:10 - 2019-06-19 08:19 - 168583481 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E07.mkv.part
2019-06-19 08:10 - 2019-06-19 08:10 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E07.mkv
2019-06-19 07:21 - 2019-06-19 07:30 - 168666517 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E06.mkv.part
2019-06-19 07:21 - 2019-06-19 07:21 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E06.mkv
2019-06-18 17:43 - 2019-06-18 17:43 - 000001521 _____ C:\Users\helen\AppData\Local\recently-used.xbel
2019-06-18 07:29 - 2019-06-18 07:39 - 173410519 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E05.mkv.part
2019-06-18 07:29 - 2019-06-18 07:29 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E05.mkv
2019-06-16 15:39 - 2019-06-16 15:39 - 000174001 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E08.mkv
2019-06-14 18:54 - 2019-06-16 17:46 - 170189646 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E04.mkv.part
2019-06-14 18:54 - 2019-06-16 17:36 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E04.mkv
2019-06-14 17:51 - 2019-06-14 18:02 - 168682266 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E03.mkv
2019-06-14 17:38 - 2019-06-14 17:47 - 168727017 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E02.mkv
2019-06-14 17:11 - 2019-06-14 17:24 - 209766205 _____ C:\Users\helen\Downloads\Downton.Abbey.S04E01.mkv
2019-06-14 15:49 - 2019-06-14 16:09 - 366879028 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E09.christmas.special.mkv
2019-06-13 07:31 - 2019-06-13 07:40 - 168633281 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E07.mkv.part
2019-06-13 07:31 - 2019-06-13 07:31 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E07.mkv
2019-06-12 23:43 - 2019-06-12 23:52 - 168401652 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E06.mkv.part
2019-06-12 23:43 - 2019-06-12 23:43 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E06.mkv
2019-06-12 23:00 - 2019-06-12 23:10 - 168478504 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E05.mkv.part
2019-06-12 23:00 - 2019-06-12 23:00 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E05.mkv
2019-06-12 21:44 - 2019-06-07 13:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 21:44 - 2019-06-07 13:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 21:44 - 2019-06-07 12:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-12 21:44 - 2019-06-07 12:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-12 21:44 - 2019-06-07 12:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 21:44 - 2019-06-07 12:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 21:44 - 2019-06-07 12:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 21:44 - 2019-06-07 12:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 21:44 - 2019-06-07 12:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 21:44 - 2019-06-07 12:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 21:44 - 2019-06-07 12:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 21:44 - 2019-06-07 12:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 21:44 - 2019-06-07 12:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 21:44 - 2019-06-07 12:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 21:44 - 2019-06-07 08:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-12 21:44 - 2019-06-07 08:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 21:44 - 2019-06-07 07:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 21:44 - 2019-06-07 07:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-12 21:44 - 2019-06-07 07:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-12 21:44 - 2019-06-07 07:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-12 21:44 - 2019-06-07 07:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-12 21:44 - 2019-06-07 07:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-12 21:44 - 2019-06-07 07:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-12 21:44 - 2019-06-07 07:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-12 21:44 - 2019-06-07 07:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-12 21:44 - 2019-06-07 07:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 21:44 - 2019-06-07 07:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 21:44 - 2019-06-07 07:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-12 21:44 - 2019-06-07 07:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 21:44 - 2019-06-07 07:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-12 21:44 - 2019-06-07 07:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-12 21:44 - 2019-06-07 07:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-12 21:44 - 2019-06-07 07:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-12 21:44 - 2019-06-07 07:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-12 21:44 - 2019-06-07 07:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-12 21:44 - 2019-06-07 07:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-12 21:44 - 2019-06-07 07:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-12 21:44 - 2019-06-07 07:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 21:44 - 2019-06-07 07:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-12 21:44 - 2019-06-07 07:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-12 21:44 - 2019-06-07 07:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-12 21:44 - 2019-06-07 07:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-12 21:44 - 2019-06-07 07:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-12 21:44 - 2019-06-07 07:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-12 21:44 - 2019-06-07 07:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-12 21:44 - 2019-06-07 07:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-12 21:44 - 2019-06-07 07:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-12 21:44 - 2019-06-07 07:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-12 21:44 - 2019-05-19 00:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-12 21:44 - 2019-05-17 14:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-12 21:44 - 2019-05-17 14:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-12 21:44 - 2019-05-17 14:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-12 21:44 - 2019-05-17 14:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-12 21:44 - 2019-05-17 14:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-12 21:44 - 2019-05-17 14:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-12 21:44 - 2019-05-17 14:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-12 21:44 - 2019-05-17 14:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-12 21:44 - 2019-05-17 13:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-12 21:44 - 2019-05-17 10:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-12 21:44 - 2019-05-17 09:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-12 21:44 - 2019-05-17 08:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-12 21:44 - 2019-05-17 08:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-12 21:44 - 2019-05-17 08:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 21:44 - 2019-05-17 08:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-12 21:44 - 2019-05-17 08:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-12 21:44 - 2019-05-17 08:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-12 21:44 - 2019-05-17 08:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 21:44 - 2019-05-17 08:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-12 21:44 - 2019-05-17 08:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-12 21:44 - 2019-05-17 08:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-12 21:44 - 2019-05-17 08:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-12 21:44 - 2019-05-17 08:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-12 21:44 - 2019-05-17 08:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-12 21:44 - 2019-05-17 08:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-12 21:44 - 2019-05-17 08:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-12 21:44 - 2019-05-17 08:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-12 21:44 - 2019-05-17 08:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-12 21:44 - 2019-05-17 08:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-12 21:44 - 2019-05-17 08:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-12 21:44 - 2019-05-17 07:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-12 21:44 - 2019-05-17 07:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-12 21:44 - 2019-05-17 07:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-12 21:44 - 2019-05-17 07:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-12 21:44 - 2019-05-17 07:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-12 21:44 - 2019-05-17 07:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-12 21:44 - 2019-05-17 07:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-12 21:44 - 2019-05-17 07:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-12 21:44 - 2019-05-17 07:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-12 21:44 - 2019-05-17 07:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-12 21:44 - 2019-05-17 07:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-12 21:44 - 2019-05-17 07:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-12 21:44 - 2019-05-17 07:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-12 21:44 - 2019-05-17 07:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-12 21:43 - 2019-06-07 12:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 21:43 - 2019-06-07 12:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-12 21:43 - 2019-06-07 07:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-12 21:43 - 2019-06-07 07:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-12 21:43 - 2019-06-07 07:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-12 21:43 - 2019-06-07 07:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-12 21:43 - 2019-06-07 07:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-12 21:43 - 2019-06-07 07:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-12 21:43 - 2019-06-07 07:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-12 21:43 - 2019-06-07 07:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-12 21:43 - 2019-06-07 07:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-12 21:43 - 2019-06-07 07:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-12 21:43 - 2019-06-07 07:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-12 21:43 - 2019-06-07 07:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-12 21:43 - 2019-06-07 07:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-12 21:43 - 2019-06-07 07:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-12 21:43 - 2019-06-07 07:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-12 21:43 - 2019-06-07 07:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-12 21:43 - 2019-06-07 07:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-12 21:43 - 2019-06-07 07:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-12 21:43 - 2019-06-07 07:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-12 21:43 - 2019-06-07 06:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-12 21:43 - 2019-05-19 00:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-12 21:43 - 2019-05-19 00:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-12 21:43 - 2019-05-19 00:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-12 21:43 - 2019-05-17 14:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-12 21:43 - 2019-05-17 14:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-12 21:43 - 2019-05-17 14:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-12 21:43 - 2019-05-17 14:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-12 21:43 - 2019-05-17 14:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-12 21:43 - 2019-05-17 14:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-12 21:43 - 2019-05-17 14:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-12 21:43 - 2019-05-17 14:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-12 21:43 - 2019-05-17 14:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-12 21:43 - 2019-05-17 14:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-12 21:43 - 2019-05-17 13:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-12 21:43 - 2019-05-17 13:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-12 21:43 - 2019-05-17 13:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-12 21:43 - 2019-05-17 13:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-12 21:43 - 2019-05-17 13:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-12 21:43 - 2019-05-17 13:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-12 21:43 - 2019-05-17 13:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-12 21:43 - 2019-05-17 11:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-12 21:43 - 2019-05-17 08:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-12 21:43 - 2019-05-17 08:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-12 21:43 - 2019-05-17 08:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-12 21:43 - 2019-05-17 08:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-12 21:43 - 2019-05-17 08:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-12 21:43 - 2019-05-17 08:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-12 21:43 - 2019-05-17 08:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-12 21:43 - 2019-05-17 08:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-12 21:43 - 2019-05-17 08:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-12 21:43 - 2019-05-17 08:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-12 21:43 - 2019-05-17 08:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-12 21:43 - 2019-05-17 08:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-12 21:43 - 2019-05-17 08:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-12 21:43 - 2019-05-17 08:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-12 21:43 - 2019-05-17 08:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-12 21:43 - 2019-05-17 08:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-12 21:43 - 2019-05-17 08:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-12 21:43 - 2019-05-17 08:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-12 21:43 - 2019-05-17 08:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-12 21:43 - 2019-05-17 08:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-12 21:43 - 2019-05-17 08:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-12 21:43 - 2019-05-17 08:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-06-12 21:43 - 2019-05-17 08:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-12 21:43 - 2019-05-17 08:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-12 21:43 - 2019-05-17 08:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-12 21:43 - 2019-05-17 08:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-06-12 21:43 - 2019-05-17 07:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-12 21:43 - 2019-05-17 07:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-12 21:43 - 2019-05-17 07:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-12 21:43 - 2019-05-17 07:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-12 21:43 - 2019-05-17 07:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-12 21:43 - 2019-05-17 07:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-12 21:43 - 2019-05-17 07:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-12 21:43 - 2019-05-17 07:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-12 21:43 - 2019-05-17 07:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-12 21:43 - 2019-05-17 07:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-12 21:43 - 2019-05-17 07:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-12 21:43 - 2019-05-17 07:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-12 21:43 - 2019-05-17 07:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-12 21:43 - 2019-05-17 07:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-12 21:43 - 2019-05-17 07:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-12 21:43 - 2019-05-17 07:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-12 21:15 - 2019-06-12 21:24 - 168745492 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E04.mkv
2019-06-11 18:35 - 2019-06-11 18:45 - 166568259 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E03.mkv
2019-06-11 17:47 - 2019-06-11 17:47 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E02.mkv
2019-06-11 17:46 - 2019-06-11 17:56 - 168651097 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E02.mkv.part
2019-06-11 06:48 - 2019-06-11 06:59 - 209918902 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E01.mkv.part
2019-06-11 06:48 - 2019-06-11 06:48 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S03E01.mkv
2019-06-10 07:45 - 2019-06-10 08:05 - 366794237 _____ C:\Users\helen\Downloads\downton.abbey.christmas.special.2011.480p.mkv.part
2019-06-10 07:45 - 2019-06-10 07:45 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.christmas.special.2011.480p.mkv
2019-06-09 23:43 - 2019-06-09 23:52 - 170651733 _____ C:\Users\helen\Downloads\downton.abbey.s02e08.mkv
2019-06-09 22:57 - 2019-06-09 23:06 - 170709741 _____ C:\Users\helen\Downloads\downton.abbey.s02e07.mkv.part
2019-06-09 22:57 - 2019-06-09 22:57 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.s02e07.mkv
2019-06-09 21:39 - 2019-06-09 21:48 - 160118122 _____ C:\Users\helen\Downloads\downton.abbey.s02e06.mkv.part
2019-06-09 21:39 - 2019-06-09 21:39 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.s02e06.mkv
2019-06-09 20:29 - 2019-06-09 20:39 - 170368438 _____ C:\Users\helen\Downloads\downton.abbey.s02e05.mkv
2019-06-09 14:07 - 2019-06-09 14:56 - 295035930 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E04.720p.BluRay.x265.HEVC.TVS.Farda.DL.mkv.part
2019-06-09 14:07 - 2019-06-09 14:07 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E04.720p.BluRay.x265.HEVC.TVS.Farda.DL.mkv
2019-06-09 13:11 - 2019-06-09 13:34 - 405417727 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E03.DVDRip.XviD-0.mkv.part
2019-06-09 13:11 - 2019-06-09 13:11 - 000000000 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E03.DVDRip.XviD-0.mkv
2019-06-08 19:20 - 2019-06-08 19:35 - 160241535 _____ C:\Users\helen\Downloads\downton.abbey.s02e02.mkv.part
2019-06-08 19:20 - 2019-06-08 19:20 - 000000000 _____ C:\Users\helen\Downloads\downton.abbey.s02e02.mkv
2019-06-08 09:56 - 2019-06-08 10:55 - 362546806 _____ C:\Users\helen\Downloads\Downton.Abbey.S02E01.720p.BluRay.x265.HEVC.TVS.Farda.DL.mkv.part
2019-06-07 09:04 - 2019-06-07 09:14 - 181589241 _____ C:\Users\helen\Downloads\downton.abbey.s01e07.Tehmovies.ir.mkv
2019-06-07 00:18 - 2019-06-07 00:27 - 168435076 _____ C:\Users\helen\Downloads\downton.abbey.s01e06.Tehmovies.ir.mkv

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-07 13:15 - 2017-10-16 22:12 - 000000000 ____D C:\FRST
2019-07-07 13:11 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-07 13:01 - 2016-11-18 22:12 - 000000000 ____D C:\Users\helen\AppData\LocalLow\Mozilla
2019-07-07 13:01 - 2016-06-24 17:33 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-07 13:01 - 2016-06-24 17:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-07 13:01 - 2016-06-24 17:27 - 000000000 __SHD C:\Users\helen\IntelGraphicsProfiles
2019-07-07 13:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-07 13:00 - 2017-10-25 20:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-07-07 12:59 - 2018-06-16 08:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-07 12:58 - 2018-06-16 08:12 - 000000000 ____D C:\Users\helen
2019-07-07 12:58 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-07 12:51 - 2017-10-16 21:44 - 000000000 ____D C:\AdwCleaner
2019-07-07 12:45 - 2018-06-15 02:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-07 11:08 - 2018-06-16 08:38 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{62D9231A-5F82-4B44-B1D0-93D26DD0F831}
2019-07-05 18:05 - 2018-01-12 17:43 - 000000000 ____D C:\Users\helen\AppData\Local\Packages
2019-07-04 18:58 - 2018-06-16 08:38 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-31940000-418457942-2495688642-1001
2019-07-04 18:58 - 2018-06-16 08:12 - 000002366 _____ C:\Users\helen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-04 18:58 - 2016-06-24 17:31 - 000000000 ___RD C:\Users\helen\OneDrive
2019-07-02 16:58 - 2018-06-16 08:38 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-01 21:07 - 2018-06-16 08:38 - 000003746 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-01 21:07 - 2018-06-16 08:38 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-01 21:07 - 2018-06-16 08:38 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-01 21:07 - 2018-06-16 08:38 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-01 21:07 - 2018-06-16 08:38 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-01 21:07 - 2018-06-16 08:38 - 000002374 _____ C:\WINDOWS\System32\Tasks\{1B2DA86E-7160-40E5-B184-74CCA60EF23E}
2019-07-01 21:07 - 2018-06-16 08:38 - 000002274 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2019-07-01 21:07 - 2018-06-16 08:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-07-01 20:36 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-01 19:25 - 2015-09-02 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-30 13:13 - 2018-08-19 22:04 - 000000000 ____D C:\Users\helen\AppData\Local\CrashDumps
2019-06-30 11:09 - 2019-04-17 19:40 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-30 11:09 - 2019-04-17 19:40 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-30 11:09 - 2018-04-09 00:17 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-30 11:09 - 2018-04-09 00:17 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-06-30 10:52 - 2018-07-09 20:28 - 000000000 ____D C:\ProgramData\Packages
2019-06-25 06:01 - 2016-06-25 12:26 - 000000000 ____D C:\Users\helen\AppData\Roaming\vlc
2019-06-21 23:54 - 2017-03-19 19:23 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-21 23:54 - 2017-03-19 19:23 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-21 18:24 - 2017-09-29 16:59 - 000000000 ____D C:\Program Files\rempl
2019-06-20 18:47 - 2016-08-10 10:11 - 000168104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-19 10:15 - 2018-06-16 08:23 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-19 10:15 - 2018-06-15 12:28 - 000717298 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-19 10:15 - 2018-06-15 12:28 - 000145074 _____ C:\WINDOWS\system32\perfc005.dat
2019-06-19 10:15 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-19 10:10 - 2018-01-12 18:10 - 000000000 ___RD C:\Users\helen\3D Objects
2019-06-19 10:10 - 2016-04-27 08:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-19 10:08 - 2018-06-15 02:48 - 000434080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-19 10:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-19 10:01 - 2016-08-23 13:44 - 000000000 ____D C:\Users\helen\.gimp-2.8
2019-06-18 17:43 - 2016-08-23 13:49 - 000000000 ____D C:\Users\helen\AppData\Local\gtk-2.0
2019-06-18 17:08 - 2017-07-08 18:19 - 000000000 ____D C:\Program Files\UNP
2019-06-18 07:33 - 2016-08-10 10:11 - 000225600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-14 19:00 - 2016-06-26 08:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 21:24 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-12 22:21 - 2016-06-25 08:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 21:40 - 2016-06-25 08:21 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-12 07:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-06-12 07:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories ================

2019-06-18 17:43 - 2019-06-18 17:43 - 000001521 _____ () C:\Users\helen\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by helen (07-07-2019 13:18:53)
Running from C:\Users\helen\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-06-16 06:40:31)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-31940000-418457942-2495688642-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-31940000-418457942-2495688642-503 - Limited - Disabled)
Guest (S-1-5-21-31940000-418457942-2495688642-501 - Limited - Disabled)
helen (S-1-5-21-31940000-418457942-2495688642-1001 - Administrator - Enabled) => C:\Users\helen
WDAGUtilityAccount (S-1-5-21-31940000-418457942-2495688642-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden
Atom (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\atom) (Version: 1.32.2 - GitHub Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.0.1447.80 - AVAST Software)
calibre (HKLM-x32\...\{4E5DD3E4-963F-4EDA-8863-A6B691CECC1E}) (Version: 2.76.0 - Kovid Goyal)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.2.1.8311 - Thomson Reuters)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Git version 2.19.1 (HKLM\...\Git_is1) (Version: 2.19.1 - The Git Development Community)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Heroes of Might and Magic 2 GOLD (HKLM-x32\...\Heroes of Might and Magic 2 GOLD_is1) (Version: - GOG.com)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.135.1 - Intel Security)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kits Configuration Installer (HKLM-x32\...\{6F502640-B753-C101-FFA5-B38C3FA5B29A}) (Version: 10.1.17134.12 - Microsoft) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.690 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 7.35.267 - Lenovo)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.30.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1298.831 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.4.7109 - Mozilla)
MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Python 3.6.4 (32-bit) (HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\{9218130b-5ad0-4cf7-82be-6993cfd6cb84}) (Version: 3.6.4150.0 - Python Software Foundation)
Python 3.6.4 Add to Path (32-bit) (HKLM-x32\...\{B7F6071F-CC88-469C-9AC6-BEBA83594819}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Core Interpreter (32-bit) (HKLM-x32\...\{D188614B-E656-4EF1-9F5A-23559EBE8F5A}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Development Libraries (32-bit) (HKLM-x32\...\{C3797E33-967D-4687-8F1A-9DE771A00125}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Documentation (32-bit) (HKLM-x32\...\{E09874D3-E898-4AB6-B043-EE24DF786088}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Executables (32-bit) (HKLM-x32\...\{47A75DB9-F3F5-4697-9261-DBA5162DBB9E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 pip Bootstrap (32-bit) (HKLM-x32\...\{54142B43-2FA5-4BBA-BF03-27C10EB50C1E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Standard Library (32-bit) (HKLM-x32\...\{2832768E-9BCA-4421-950C-7186B3BDFC45}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Tcl/Tk Support (32-bit) (HKLM-x32\...\{20888FA1-8127-42E3-969F-9BF93245AC83}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Test Suite (32-bit) (HKLM-x32\...\{D14FB2FA-51B2-415C-93BF-5053102235EE}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Utility Scripts (32-bit) (HKLM-x32\...\{D0730E44-E519-4F39-B926-E2FC0449D67C}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B42FF40A-60D4-4096-AC47-C86153D72797}) (Version: 3.6.6196.0 - Python Software Foundation)
qBittorrent 3.3.11 (HKLM-x32\...\qBittorrent) (Version: 3.3.11 - The qBittorrent project)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SDK ARM Additions (HKLM-x32\...\{346B2C02-CC0D-6E09-8B9D-CAA2821473CF}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{825784BB-114D-ADB3-B65F-E1EB2A63C3BC}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SnapGene Viewer (HKLM-x32\...\SnapGene Viewer) (Version: 4.3.7 - GSL Biotech LLC)
Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{BA6F1D53-C3F2-F9D5-80CE-CEF608E36AD3}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{6E43CA0C-046E-4F38-A0A2-3B1BA139B661}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
vcpp_crt.redist.clickonce (HKLM-x32\...\{D182FB25-9A73-4725-A2C4-2C33900B920E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Visual Studio Build Tools 2017 (HKLM-x32\...\5cf44176) (Version: 15.8.28010.2046 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Windows Driver Package - Pololu Corporation CP2102 USB-to-Serial Bridge Driver (10/05/2012 6.6.0.0) (HKLM\...\CBDC7C39EE7C949A0CE5E2BAFB214055611003A7) (Version: 10/05/2012 6.6.0.0 - Pololu Corporation)
Windows Driver Package - Silicon Laboratories (silabenm) Ports (10/05/2012 6.6.0.0) (HKLM\...\5118100F6945E20FB40C6DEA7D3D348AFD9E43D7) (Version: 10/05/2012 6.6.0.0 - Silicon Laboratories)
Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{E77C2F78-6089-48F8-89DF-DDF2850DFFD9}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.142.300.0_x86__kgqvnymyfvs32 [2019-07-01] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-30] (HP Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-01-03] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-26] (LENOVO INC.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.8.0_x64__8wekyb3d8bbwe [2018-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.9.0_x64__8wekyb3d8bbwe [2018-08-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-11-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-04-19] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-30] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Microsoft Treasure Hunt -> C:\Program Files\WindowsApps\Microsoft.MicrosoftTreasureHunt_1.2.1812.2011_x86__8wekyb3d8bbwe [2019-03-23] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-15] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-31940000-418457942-2495688642-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-05-19 18:11 - 2015-05-19 18:11 - 000007680 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2017-01-30 19:38 - 2016-09-22 08:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2017-01-30 19:39 - 2016-09-22 08:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-07-27 20:28 - 2015-07-27 20:28 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2017-01-30 19:39 - 2016-09-22 08:06 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\MSVCR71.dll
2018-04-20 04:18 - 2018-04-20 04:18 - 000444416 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\D3DREF9.DLL
2018-06-16 08:15 - 2018-06-16 08:15 - 001105920 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL
2018-06-16 08:15 - 2018-06-16 08:15 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
2018-06-16 08:15 - 2018-06-16 08:15 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80ENU.DLL
2017-01-30 19:39 - 2016-09-22 08:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll
2016-08-04 20:46 - 2014-07-08 13:07 - 001148928 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\TrueKey\SQLite.Interop.dll
2019-03-15 09:38 - 2018-08-12 21:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-08 08:04 - 000000869 _____ C:\WINDOWS\system32\drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 176.74.128.10 - 176.74.128.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF9264E1-F9DE-41EC-AADD-E26B3275FE22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{5AB112F1-CD08-465B-AF21-A16E26891E90}C:\users\helen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helen\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{4AC97270-21FB-4D28-AE69-A7A3941AB86C}C:\users\helen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helen\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{ACC83C66-2D6F-4429-9DF6-5BE20798F6BD}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{AFB8763A-8F81-49E7-89D6-6895D56FBE1E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{B9A1AC6B-4AAC-4FC0-902E-2F54BA20DABD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D92CDE5-FDF2-49D8-B82B-74C59F54F630}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{ED9B406C-7333-4E97-AC30-A7063F3F2965}C:\gog games\heroes of might and magic 3 complete\heroes3.exe] => (Allow) C:\gog games\heroes of might and magic 3 complete\heroes3.exe No File
FirewallRules: [UDP Query User{B9406F95-F881-45C9-94C0-0D63AA05A5C5}C:\gog games\heroes of might and magic 3 complete\heroes3.exe] => (Allow) C:\gog games\heroes of might and magic 3 complete\heroes3.exe No File
FirewallRules: [TCP Query User{AA44ECDE-B654-4C32-807D-74B00D738DF2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{FF8CC766-3569-4B8C-B472-A8E838325723}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{30B2E0A0-53F4-4007-A512-20E6F8699E84}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{008DEF7C-80EF-48F7-AB4F-024F9019A622}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{1FBF4027-FA51-4F5C-98C8-B15B513DC32C}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [UDP Query User{B67908C7-B50F-45DA-B766-37EF36903D22}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{83B2740E-3DEA-40BC-9C75-C30FC0B5621D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{574F463C-485D-4CEB-BC0B-063430F14AC2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8F6B940F-6212-48E0-8972-A414C6A76339}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4BDD7485-B63E-4427-B358-A4D23CDD2DFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2B3D62B9-420D-4A56-8128-A9B0DED9C3E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{C3D7FFA8-3A8C-4775-BB03-9151B788743E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{DD6F81BD-34AE-4496-BE6B-8AAF40ECC73C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{89DA6BBF-4FF3-4D6A-A2CC-9F01C9EC2E77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{E5FDF4D9-2928-4B10-9833-7AC2BA659557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File
FirewallRules: [{07BD2464-28FC-4C75-A311-9E1C0C8F8CAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File
FirewallRules: [TCP Query User{20F131EB-0F61-43B5-BC8F-7739540E3AC2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{50B78EB7-EBE1-4F8B-AC29-AE5826B7CDA5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E4F90CC2-5FC8-4F11-9AD3-A1BB35076591}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69D4F0AF-5B38-44B9-952F-516CD90B43F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66D6711F-5EA3-49A6-B858-A471ADD97DE1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CD0F5CB3-4562-4D02-B3DC-D7A946F4156A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6D98263-8AED-4CF7-A0DF-72166609F2B9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC7CD67B-A833-462D-A4B1-F009524B19EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{63AB6ACD-8F3E-43BD-855A-79DF38A4959D}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

21-06-2019 18:22:37 Windows Update
30-06-2019 17:16:53 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2019 01:21:11 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/07/2019 12:23:23 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/07/2019 12:07:34 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/07/2019 11:58:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/07/2019 11:23:50 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (07/07/2019 11:09:24 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (07/07/2019 11:09:22 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/07/2019 11:07:57 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

System errors:
=============
Error: (07/07/2019 01:17:44 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S2PCB5HK)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-S2PCB5HK\helen SID (S-1-5-21-31940000-418457942-2495688642-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2019 01:09:54 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-S2PCB5HK)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-S2PCB5HK\helen SID (S-1-5-21-31940000-418457942-2495688642-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2019 01:00:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2019 01:00:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2019 01:00:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2019 12:58:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (07/07/2019 12:58:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (07/07/2019 12:58:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

==================== Memory info ===========================

BIOS: Lenovo BDCN71WW 08/03/2016
Motherboard: LENOVO Lenovo U41-70
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 85%
Total physical RAM: 4001.92 MB
Available physical RAM: 590.87 MB
Total Virtual: 8865.92 MB
Available Virtual: 4278.29 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:419.45 GB) (Free:342.57 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.45 GB) NTFS

\\?\Volume{253911bd-8f26-4382-adc2-a3e87ebe024b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{3234bc63-a5c0-47f9-bc55-a89935bf2adf}\ (LENOVO_PART) (Fixed) (Total:19.09 GB) (Free:7.05 GB) NTFS
\\?\Volume{a4f53d4c-23d1-4ee8-b7f6-747619b31131}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3495B3E9)

Partition: GPT.

==================== End of Addition.txt ============================

#6 Příspěvek od **Diallix** » 07 črc 2019 12:33

Odinstalujte : McAfee

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše


HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {a027a701-095f-11e9-9c70-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {db602746-20fd-11e9-9c73-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe" 
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {20EBABF8-D8F1-4EE6-87A5-5E9709401047} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-12] (Adobe Inc. -> Adobe)
Task: {272873C5-2E6F-41D5-91DC-3593E17A4E16} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {274A019A-18D7-4741-B901-F0E24B450513} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {2CB43A2A-435A-483D-8A48-95B8F45B1850} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {49843303-D0C0-479A-B483-8D576ADC99B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4D71E0A9-DFC1-4998-BA05-BD88CD55AC1A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{83B2740E-3DEA-40BC-9C75-C30FC0B5621D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{574F463C-485D-4CEB-BC0B-063430F14AC2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8F6B940F-6212-48E0-8972-A414C6A76339}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4BDD7485-B63E-4427-B358-A4D23CDD2DFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2B3D62B9-420D-4A56-8128-A9B0DED9C3E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{C3D7FFA8-3A8C-4775-BB03-9151B788743E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{DD6F81BD-34AE-4496-BE6B-8AAF40ECC73C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{89DA6BBF-4FF3-4D6A-A2CC-9F01C9EC2E77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{E5FDF4D9-2928-4B10-9833-7AC2BA659557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File
FirewallRules: [{07BD2464-28FC-4C75-A311-9E1C0C8F8CAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

----

Gwenardell · #7 Příspěvek od **Gwenardell** » 07 črc 2019 12:46

Fix result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by helen (07-07-2019 13:38:59) Run:1
Running from C:\Users\helen\Desktop
Loaded Profiles: helen (Available Profiles: helen)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {a027a701-095f-11e9-9c70-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\MountPoints2: {db602746-20fd-11e9-9c73-acd1b8e0ece4} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {20EBABF8-D8F1-4EE6-87A5-5E9709401047} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-12] (Adobe Inc. -> Adobe)
Task: {272873C5-2E6F-41D5-91DC-3593E17A4E16} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {274A019A-18D7-4741-B901-F0E24B450513} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {2CB43A2A-435A-483D-8A48-95B8F45B1850} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {49843303-D0C0-479A-B483-8D576ADC99B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4D71E0A9-DFC1-4998-BA05-BD88CD55AC1A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{83B2740E-3DEA-40BC-9C75-C30FC0B5621D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{574F463C-485D-4CEB-BC0B-063430F14AC2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8F6B940F-6212-48E0-8972-A414C6A76339}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4BDD7485-B63E-4427-B358-A4D23CDD2DFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2B3D62B9-420D-4A56-8128-A9B0DED9C3E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{C3D7FFA8-3A8C-4775-BB03-9151B788743E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe No File
FirewallRules: [{DD6F81BD-34AE-4496-BE6B-8AAF40ECC73C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{89DA6BBF-4FF3-4D6A-A2CC-9F01C9EC2E77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe No File
FirewallRules: [{E5FDF4D9-2928-4B10-9833-7AC2BA659557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File
FirewallRules: [{07BD2464-28FC-4C75-A311-9E1C0C8F8CAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe No File

EmptyTemp:
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Windows\CurrentVersion\Run\\PhotoMasterImportAgent" => removed successfully
HKU\S-1-5-21-31940000-418457942-2495688642-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a027a701-095f-11e9-9c70-acd1b8e0ece4} => removed successfully
HKLM\Software\Classes\CLSID\{a027a701-095f-11e9-9c70-acd1b8e0ece4} => not found
HKU\S-1-5-21-31940000-418457942-2495688642-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db602746-20fd-11e9-9c73-acd1b8e0ece4} => removed successfully
HKLM\Software\Classes\CLSID\{db602746-20fd-11e9-9c73-acd1b8e0ece4} => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\Heroes3.exe => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20EBABF8-D8F1-4EE6-87A5-5E9709401047}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20EBABF8-D8F1-4EE6-87A5-5E9709401047}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{272873C5-2E6F-41D5-91DC-3593E17A4E16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{272873C5-2E6F-41D5-91DC-3593E17A4E16}" => removed successfully
C:\WINDOWS\System32\Tasks\CyberLink\Photo Master Gadget startup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CyberLink\Photo Master Gadget startup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{274A019A-18D7-4741-B901-F0E24B450513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{274A019A-18D7-4741-B901-F0E24B450513}" => removed successfully
C:\WINDOWS\System32\Tasks\DolbySelectorTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CB43A2A-435A-483D-8A48-95B8F45B1850}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CB43A2A-435A-483D-8A48-95B8F45B1850}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49843303-D0C0-479A-B483-8D576ADC99B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49843303-D0C0-479A-B483-8D576ADC99B1}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D71E0A9-DFC1-4998-BA05-BD88CD55AC1A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D71E0A9-DFC1-4998-BA05-BD88CD55AC1A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83B2740E-3DEA-40BC-9C75-C30FC0B5621D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{574F463C-485D-4CEB-BC0B-063430F14AC2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F6B940F-6212-48E0-8972-A414C6A76339}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BDD7485-B63E-4427-B358-A4D23CDD2DFE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B3D62B9-420D-4A56-8128-A9B0DED9C3E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3D7FFA8-3A8C-4775-BB03-9151B788743E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD6F81BD-34AE-4496-BE6B-8AAF40ECC73C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89DA6BBF-4FF3-4D6A-A2CC-9F01C9EC2E77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5FDF4D9-2928-4B10-9833-7AC2BA659557}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07BD2464-28FC-4C75-A311-9E1C0C8F8CAD}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 226185453 B
Java, Flash, Steam htmlcache => 132174 B
Windows/system/drivers => 7549815 B
Edge => 940525 B
Chrome => 170801715 B
Firefox => 1111679058 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 3838137 B
LocalService => 33744 B
LocalService => 0 B
NetworkService => 4056 B
NetworkService => 0 B
helen => 63489141 B

RecycleBin => 387221 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 13:41:43 ====

#8 Příspěvek od **Diallix** » 07 črc 2019 14:21

Ako je na tom Vas pocitac?

Gwenardell · #9 Příspěvek od **Gwenardell** » 07 črc 2019 21:39

Mnohem mnohem lepší, mockrát děkuji!

#10 Příspěvek od **Diallix** » 08 črc 2019 17:15

Za malicko :]]

VIRY.CZ

Zpomalený notebook

Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook

Re: Zpomalený notebook