Prosím o konrolu PC v nouzovém režimu

[plch]

Prosím o kontrolu logu.

can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by Petr (administrator) on Petr-PC (Packard Bell EasyNote TK85) (01-08-2019 19:11:56)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: UpdatusUser & Petr)
Platform: Windows 10 Home Version 1809 17763.615 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [263936 2010-06-29] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [REGSHAVE] => C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE [53248 2002-02-04] (FUJI PHOTO FILM CO., LTD.) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [3 2016-11-15] () [File not signed]
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2015-08-13] (Shenzhen Wondershare Information Technology Co., Ltd. -> )
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4265984 2014-06-19] (TP-LINK) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [331344 2015-07-22] (Hewlett-Packard -> HP Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\...\RunOnce: [Application Restart #0] => C:\Windows\HelpPane.exe [1065472 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\...\MountPoints2: {7e7d6603-5c16-11e7-b8f9-9cb70db5a5bb} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PACKAR~1.SCR [450048 2011-09-13] () [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2012-07-17] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter64.acm [580096 2009-08-11] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-02] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-12-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03864325-9EE6-447B-BA23-FB38A476645B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {071A7067-57BF-456A-ACEE-3C25EA8261B6} - System32\Tasks\{11E43C3F-13CC-4742-B8DE-F79EC4DB2F84} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {0751D32A-1CF9-44B9-B44F-6AA170402A33} - System32\Tasks\{D885F3AE-7362-48A2-BEEA-2C2C12BF2507} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/cs/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {0E640B65-56FC-4830-A1EB-2DB50869C510} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1397BB19-A04A-4C70-91D6-FF3CEF0B6AF5} - System32\Tasks\{98C42FA6-7F68-40F1-A0F8-6AE9DF7FB9BA} => C:\Program Files (x86)\EDDICA\DUA1\Dua1.exe
Task: {18EA7FB0-5F47-4977-AC34-123953581883} - System32\Tasks\{BA7769C6-D774-4CC6-AFB4-C252DCB66ABC} => C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Downloads\Lord-of-the-Rings-The-Battle-for-Middle-Earth-2\Lord of the Rings The Battle for Middle-Earth 2\Čeština\BFME2_CZ.exe" -d "C:\Users\Petr\Downloads\Lord-of-the-Rings-The-Battle-for-Middle-Earth-2\Lord of the Rings The Battle for Middle-Earth 2\Čeština"
Task: {1D298873-FCDD-4939-AF56-B3DDF58E5EA5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {1FC64D18-D1CF-4134-84D7-0FBFA0C603C2} - System32\Tasks\{FCED47B8-FC95-4CF4-AFBA-3DCF26344E97} => C:\Program Files (x86)\EDDICA\DUA1\Dua1.exe
Task: {21700E27-21E4-44BB-A322-D075C2619B7E} - System32\Tasks\{EF6AD0C9-AD09-4007-87FF-1743A9EC099A} => msiexec.exe /package "G:\GMGInfrastructure\GMGInfrastructure.msi"
Task: {21AFBCBB-EC1B-418C-A5CE-1E1C161CD5C1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {23932D40-6FD9-4F01-8DF6-075402A24191} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28471226-C2C8-4435-8AB6-C1B936028ACB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {289C69B9-23BC-4792-8DBC-D14BC54008CC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2B480B6E-8144-40C4-8E20-06E0D20811AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2C7353C6-926C-474E-8F88-3FEB40208C8F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E2F0451-E6A9-4B48-AEA0-CFBBE32AE191} - System32\Tasks\{CC916649-546E-49C1-922E-19FB295B8F61} => C:\Program Files (x86)\Deep Silver\Secret Files Tunguska\AutoStarter.exe
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {34B31FDD-09C8-4557-858A-86E1D9618F02} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3898F253-AF16-425F-AD5F-EC0E0B9AF982} - System32\Tasks\{14DA07A9-33D6-4CFB-AE9E-4978EA3D091F} => msiexec.exe /package "G:\GMEApplication\GMEAPPLICATION.MSI"
Task: {38F5F804-A86E-4F8A-8E79-111CF3407EBD} - System32\Tasks\{F82293CA-128D-42DB-B00B-533D53F27D6F} => C:\Windows\system32\pcalua.exe -a C:\Users\Petr\Downloads\realflight\realflight\update\RealFlight3_50_033.exe -d C:\Users\Petr\Downloads\realflight\realflight\update
Task: {390755D3-7612-48BF-8983-D233055964A3} - System32\Tasks\{84591A08-EE40-4200-B7A0-81A4D34795A7} => C:\Program Files (x86)\EDDICA\DUA2\Dua2.exe
Task: {39CD1A32-0D02-4CCB-81FA-CE4510CE531D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {3A8E887F-7A25-4703-BAF0-02A0148C04CB} - System32\Tasks\{2F5BD4FF-321F-488D-8DC4-89202E1E0676} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {3EF74DD9-D2DE-492B-8A76-AB4DA32BDC45} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {40E87290-3A66-430E-A4DE-27EC6F75233A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {446FCC9D-49D3-4261-A4E2-B8E353517C96} - System32\Tasks\{98EB232F-CE74-43A5-A128-9797D5C43D33} => C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22F23W8V\kodysetup.exe" -d C:\Users\Petr\Desktop
Task: {44C9335B-5F11-4696-8A0A-CE95CE78C731} - System32\Tasks\{DD128326-5429-449D-ABA3-9A7FEA95B0D1} => E:\Vecna cesta-NA_CZ_Hidden_Object_game_2012\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {47F4852D-A754-49EA-AF7C-9F7E8B7070AB} - System32\Tasks\{C57F0C08-F914-42A5-A45F-FD1CA3455942} => C:\Program Files (x86)\EDDICA\DUA1\Dua1.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49095B9D-079B-469D-845F-526B1EE8C303} - System32\Tasks\{161480A8-6EC3-49C1-980D-0E6167333C76} => C:\Users\Petr\Downloads\7.0_directx7.exe
Task: {53A60A71-C6BA-4C3A-BB0E-D1B5C5B3FD20} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {54EB3FD4-A91B-40B1-8A8B-13C1D2A27D98} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {58011FED-3564-4FE7-885B-02DA913B06B9} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE61556-4CA2-47F8-8D90-32E03C8FC06C} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91728 2015-08-20] (Hewlett-Packard -> HP Development Company, L.P.)
Task: {601C9058-8271-40A4-BBB1-47BCF292473F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {62570E1A-17F2-4FDA-A57D-B3E9EBCA6CB0} - System32\Tasks\{B17F0F6C-9C80-4EE1-B5FD-6B86A1357E94} => C:\Program Files (x86)\EDDICA\DUA1\Dua1.exe
Task: {645E084C-7141-4B57-9F06-457AD481F5B1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {64F81E9D-BB06-4366-BBA6-D0F3A96259E6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6539E22A-FC5F-4D2F-AF3C-DA1D8A6E396D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {666B2E95-EF54-4E78-AF1B-9A95AF250D04} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A4F4E7F-240F-44AA-A755-BBB27E75E3CB} - System32\Tasks\{AA46717F-7131-4002-B280-BDEB3BF2673A} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {6A98EF72-F36E-403F-8D2B-9BAA2DC73837} - System32\Tasks\{43DDB344-04D5-4F67-AEE2-A4FFF1208F9D} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {6D3D1085-C190-4C12-B205-3FF29BD978DB} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {6DF73BC0-7F12-4235-91FE-36F1B69E2448} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70CF7279-F7A2-47F0-9D59-45A83784E145} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {76715511-E732-4CDC-B9B6-60F959643172} - System32\Tasks\{853102B5-297F-402A-863A-2D8DD895816F} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {790C6243-3B45-493D-B840-1E01C529EB72} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {7995A4D4-9B37-4BEF-93FF-2C7A7DA9F525} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {899FAA3E-1556-488B-B7BB-2E97D2113076} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8B2E3DAE-F7A7-4A6F-B413-F2DDA696632C} - System32\Tasks\{3D333F83-7EF5-4417-94E4-22D8DED171EE} => C:\Program Files (x86)\ArcSoft\Panorama Maker 6\PMK.exe
Task: {8D9D85C5-326E-4C1A-84F3-444643891296} - System32\Tasks\{1B4E1B63-6A6D-4A20-B1B4-EABD8A5610E7} => C:\Program Files (x86)\ArcSoft\Panorama Maker 6\PMK.exe
Task: {9121CADC-96B3-4306-96B9-F6E039A04F44} - System32\Tasks\{636BB2AB-2242-49C8-8207-B90CE2B7D368} => C:\Program Files\ODEON\JAF\JAF.exe
Task: {920DF399-49AE-4EAD-A7DE-5674896F33D0} - System32\Tasks\{7334F34D-EF0E-4633-8EA4-E1DE02AA7C7E} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {9215E9AF-AC49-4703-9A6D-768B94897838} - System32\Tasks\{1B72434F-D574-4B35-96E4-0B4D7DEEE782} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/cs/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {92F43B49-ECE4-4261-8B95-F0D93C3186B8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9425E875-CEB7-4FC3-9B64-33818FA2A060} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {96EE6E8B-9952-4A98-969A-00B758CEC61D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97D9FDE3-FBDB-4246-A5D4-331990773D2B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9832FE00-DF53-4B85-A96C-7079185180BB} - System32\Tasks\{B599DEB6-E92D-43EF-ACD4-81992B7C1C76} => C:\Program Files (x86)\Deep Silver\Secret Files Tunguska\AutoStarter.exe
Task: {998A3541-9D54-4E1E-89D8-2784F752B5A6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {99A900AC-3405-4A0E-A52C-256B6433ACB8} - no filepath
Task: {9A6B291C-F865-4660-9A4C-52F27628563D} - System32\Tasks\{E0E85B6F-A14C-4D16-82AB-913B53A24DDE} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {9B47E87C-AC89-4D30-ACB5-7589ACB904BC} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {9E99853A-4831-4781-9A5A-A72B00E09975} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9EDEE81C-B81A-4BEB-9C15-19C2694B7F5A} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {9F119C97-888E-4D46-8D7E-BB97207B9C47} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A15645DB-EC52-4683-A15F-2BC2CCC79AEF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A76CAD01-F4A7-4F1C-BF62-876B3E059868} - System32\Tasks\{96844001-73E7-445E-B440-863BF1331EE3} => C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:\
Task: {A7884FED-DD38-419C-BBB6-9E9CC4C5AA2C} - System32\Tasks\{B3AC6726-DE6E-4CE5-B431-E57502CFC30C} => C:\Program Files (x86)\EDDICA\DUA2\Dua2.exe
Task: {A78F9309-B27B-49D6-911B-02ADF5C493B3} - System32\Tasks\{2667097F-06E1-4C39-92EF-68D055A99998} => C:\Program Files (x86)\Deep Silver\Secret Files Tunguska\AutoStarter.exe
Task: {A8EC88BE-465F-40C7-8D32-AF4E5D1AA6C5} - System32\Tasks\{DA336989-AFF5-483F-9186-A1923B81DFC7} => C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:\
Task: {AC421721-E064-4989-84DE-4BB250715350} - System32\Tasks\{3FF0FFCB-9825-4FCE-B80C-78B1B1E91F7D} => msiexec.exe /package "G:\GMGInfrastructure\GMGInfrastructure.msi"
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {AC739C5C-1F49-4669-9CFB-7E336E0A4FE0} - System32\Tasks\{06148A9C-DB04-45CC-9404-FB4A2E3CE3BC} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\RealFlightG3\RealFlight3_50_033.exe" -d "C:\Program Files (x86)\RealFlightG3"
Task: {AC899E35-A6C0-449A-B1E7-EAD07066A161} - System32\Tasks\{97F9778B-9321-4139-9A1F-6A17E8C0F4EC} => C:\Program Files (x86)\Deep Silver\Secret Files Tunguska\AutoStarter.exe
Task: {AE92132E-D7C5-40B1-B5BA-86C0AF4DCD81} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B12B13B4-4E21-48FE-A83C-12381692FE99} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B3430AC1-52DA-4EF3-AA19-74E3515EDEA3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {B49DB060-5EDA-4A57-A74C-D0501D6FA68E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B705D07B-F1B7-491D-8549-55A37C942AA8} - System32\Tasks\{25FA8440-EDB6-47EF-B733-E04A005D3272} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {B746D792-33E3-479D-9ADF-2C294AA2092C} - System32\Tasks\{3AE62061-CA7C-4943-BFDD-40D88B8BDF08} => C:\Program Files (x86)\Deep Silver\Secret Files Tunguska\AutoStarter.exe
Task: {BB45F43E-4B34-46A7-95EF-E610D172AECF} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {BB509BB4-E71B-4C2D-868F-237D66B14B7B} - System32\Tasks\{4658EF9A-0798-4D86-B816-03F1DED47E71} => C:\Program Files (x86)\FMS\FMS.exe
Task: {BC58E4CB-C224-4FAC-ABD4-73238DC82963} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C7C73F64-19D7-431B-8393-479B9DBD8ECB} - System32\Tasks\{1BB8B291-D1F5-4EB4-9B41-07DBCEB29ADF} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Xilisoft\AVCHD Converter\Uninstall.exe"
Task: {CE813B97-03FB-4E1D-8B29-1FD51B7DAC59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D473C4E2-4397-4FE3-AD76-740D2C494C72} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7ACC64C-A4A5-48C9-B61D-5C2436451773} - System32\Tasks\{8A21E136-B704-42AB-AD00-1E4F6308903B} => C:\Windows\system32\pcalua.exe -a G:\Pat_Mat.exe -d G:\
Task: {D8C04FEE-9EC4-476E-9AE3-FF3DCF9C0944} - System32\Tasks\{345AF877-1A16-4C65-87D0-E006C20C9B06} => E:\Vecna cesta-NA_CZ_Hidden_Object_game_2012\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {DB3795F1-2B97-45A2-8105-FD86A055EC5E} - System32\Tasks\{0B20319A-8861-470D-8235-B0A1CC760220} => msiexec.exe /package "G:\GMEApplication\GMEAPPLICATION.MSI"
Task: {DC4E8F1D-E068-4005-946D-00C9191523AF} - System32\Tasks\{CA01BF08-C52A-43C2-8159-5F9D6EA02A6A} => C:\Program Files (x86)\Rebellion\SniperEliteV2\bin\SniperEliteV2.exe
Task: {DFB8E912-8828-4620-9511-A6558DB5138A} - System32\Tasks\{5E90DDB7-9079-4DAE-A952-80F6D603AA82} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {DFD601C4-F216-457F-83B7-07BB54DAFCCF} - System32\Tasks\{2A7B961D-0EC4-4DF1-8E21-9A0CC4F8991A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Downloads\fms2alpha85 (2).exe" -d C:\Users\Petr\Downloads
Task: {DFEA1B5A-35D0-4F4B-AEBE-6B1FA302D712} - System32\Tasks\{12770373-F2AD-4EC0-A0AA-C62CE5BC2748} => E:\Vecna cesta-Nová Antlantida\Aktivátor hry.exe
Task: {E0955DC9-A335-4827-9623-DD23094C5235} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {E4E1CED1-E7C3-449A-90D6-8F16D81BEC77} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E5875A94-0AC6-4176-9342-5BFE378C716E} - System32\Tasks\{F10AF8AC-1B90-411E-8AF4-3124619ADED3} => C:\Program Files (x86)\EDDICA\DUA1\Dua1.exe
Task: {E9D97C17-D62E-4060-B425-00F9951A1E52} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EAB0E910-4191-4876-ABFF-73D89150A60D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {EEBAD590-B041-4F7C-807D-AF083EDC60AA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F46A303F-5B17-4AB6-8B16-758FD184F27E} - System32\Tasks\{FD39C632-5F5A-4975-83C5-CBBEBDE6D1F6} => C:\Program Files (x86)\Deep Silver\Secret Files Tunguska\AutoStarter.exe
Task: {F8DEF293-7A0A-4754-91BD-352ADEFD11BB} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FCC3F6C0-964D-4221-970C-20BB047E855A} - System32\Tasks\{3EFD22A8-4419-478E-8B94-5856A9E8912D} => C:\Program Files (x86)\EDDICA\DUA1\Dua1.exe
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {FF128A69-F697-4C91-BC2A-105ACED2E21C} - System32\Tasks\{D3AEE15B-8D40-49BF-9E0F-8914786153AA} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.10.0.116/cs/go/help.faq.installer?LastError=1618
Task: {FFFD188D-205C-4B3B-92C1-C15C182D5B65} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [270016 2016-07-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{05fe075e-2175-4d59-9f30-08d1e03ab528}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bcc94c9-eebd-494e-80dd-cc19504c3339}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ba009c66-b8b1-415f-941f-9821d2072f97}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cbf255eb-1cac-49a9-aa43-f20bd6f2da5f}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.centrum.cz/
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1005467907-3126548956-2189493663-1001 -> {B02738C4-FAED-426A-9158-A70C69E3896F} URL = hxxp://uloz.to/hledej?q={searchTerms}&utm_source=browsersearch&utm_medium=browser&utm_campaign=tools-search
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-08-13] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc -> Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-1005467907-3126548956-2189493663-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1005467907-3126548956-2189493663-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-1005467907-3126548956-2189493663-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1005467907-3126548956-2189493663-1001 -> hxxp://www.centrum.cz/
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-08-01]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-04-13] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-11-15] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-02-16] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Plugin HKU\S-1-5-21-1005467907-3126548956-2189493663-1001: OvisLink.com/CBCamV -> C:\Windows\Downloaded Program Files\npOvisLinkCamV.dll [2012-09-20] (OvisLink Corp. -> OvisLink)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.centrum.cz/"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2019-08-01]
CHR Extension: (GC little helper) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aimnideehoepfoiniigacdpefnlngnob [2016-07-01]
CHR Extension: (CacheList) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2018-09-10]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-07-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-08-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-01]
CHR Extension: (Geoseznam) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2018-09-18]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-24]
CHR HKU\S-1-5-21-1005467907-3126548956-2189493663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-11-29] (Adobe Systems) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-20] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
S2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [867712 2011-01-06] (Acer Incorporated -> Acer Incorporated)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2014-12-17] (WildTangent Inc -> WildTangent)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-25] (HP) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated -> Acer Incorporated)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.)
S2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-01-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
S1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169112 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030992 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-07-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387896 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-23] (Disc Soft Ltd -> Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [42696 2012-11-20] (Tages SA -> )
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PPJoyBus; C:\WINDOWS\System32\DRIVERS\PPJoyBus64.sys [20032 2009-11-04] (Deon van der Westhuysen Test Certificate -> Deon van der Westhuysen) [File not signed]
S3 PPortJoystick; C:\WINDOWS\System32\DRIVERS\PPortJoy64.sys [39488 2009-11-04] (Deon van der Westhuysen Test Certificate -> Deon van der Westhuysen) [File not signed]
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tplinkUDSMBus; C:\WINDOWS\system32\drivers\TplinkUDSMBus.sys [116936 2014-05-22] (KCODES CORPORATION -> Windows (R) Codename Longhorn DDK provider)
R3 TS_AR5416; C:\WINDOWS\system32\DRIVERS\ts_athwx.sys [2156968 2012-04-03] (TamoSoft Ltd -> TamoSoft)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-18] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-01 19:11 - 2019-08-01 19:14 - 000050127 _____ C:\Users\Petr\Desktop\FRST.txt
2019-08-01 19:11 - 2019-08-01 19:11 - 002096128 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2019-08-01 19:11 - 2019-08-01 19:11 - 000000000 ____D C:\FRST
2019-08-01 13:11 - 2019-08-01 15:17 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-08-01 13:10 - 2019-08-01 19:11 - 000338546 _____ C:\WINDOWS\ntbtlog.txt
2019-07-17 11:03 - 2019-07-17 11:03 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-07-17 11:03 - 2019-07-17 11:03 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-07-17 11:03 - 2019-07-17 11:03 - 000169112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-07-10 21:32 - 2019-07-10 21:32 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 019012096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 012938752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 012243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 007727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-10 21:32 - 2019-07-10 21:32 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-10 21:32 - 2019-07-10 21:32 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 001266192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 21:32 - 2019-07-10 21:32 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-07-10 21:32 - 2019-07-10 21:32 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-07-10 21:32 - 2019-07-10 21:32 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000747568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-07-10 21:32 - 2019-07-10 21:32 - 000743216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-07-10 21:32 - 2019-07-10 21:32 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2019-07-10 21:32 - 2019-07-10 21:32 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2019-07-10 21:32 - 2019-07-10 21:32 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 21:32 - 2019-07-10 21:32 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 21:32 - 2019-07-10 21:32 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-07-10 21:32 - 2019-07-10 21:32 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-07-10 21:32 - 2019-07-10 21:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-07-10 21:32 - 2019-07-10 21:32 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-07-10 21:32 - 2019-07-10 21:32 - 000092592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 21:32 - 2019-07-10 21:32 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 21:32 - 2019-07-10 21:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 023454208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 007876096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 006545304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 006308232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 005587976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 003818416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 002278784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001477648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001465464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001427592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 000804744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-07-10 21:31 - 2019-07-10 21:31 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-07-10 21:31 - 2019-07-10 21:31 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-10 21:31 - 2019-07-10 21:31 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 022115472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 005528064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 005297664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 003630592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 003081728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 002871816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 002701000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 002626872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 002073472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 002050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001837136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001794048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001721352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001702088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 21:30 - 2019-07-10 21:30 - 001622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 001472808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 001345168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 21:30 - 2019-07-10 21:30 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001259520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000998928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000810504 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000807480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000553992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000514136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000397688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 21:30 - 2019-07-10 21:30 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000157024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000121896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 21:30 - 2019-07-10 21:30 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-10 21:30 - 2019-07-10 21:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 21:29 - 2019-07-10 21:30 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 005561312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 004351448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 003335216 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 21:29 - 2019-07-10 21:29 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 002593336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001662480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001199616 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-07-10 21:29 - 2019-07-10 21:29 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2019-07-10 21:29 - 2019-07-10 21:29 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000987736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000895552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000871784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000850992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 21:29 - 2019-07-10 21:29 - 000799776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000768224 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000731104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 21:29 - 2019-07-10 21:29 - 000680176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-07-10 21:29 - 2019-07-10 21:29 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000511504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000423480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000310288 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000294000 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000241944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2019-07-10 21:29 - 2019-07-10 21:29 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-10 21:29 - 2019-07-10 21:29 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2019-07-10 21:29 - 2019-07-10 21:29 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000141216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000117720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-07-10 21:29 - 2019-07-10 21:29 - 000036360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-07-10 21:29 - 2019-07-10 21:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-07-10 21:28 - 2019-07-10 21:28 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-10 21:28 - 2019-07-10 21:28 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-07-10 21:28 - 2019-07-10 21:28 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-07-10 21:28 - 2019-07-10 21:28 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-07-10 21:28 - 2019-07-10 21:28 - 000292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 21:28 - 2019-07-10 21:28 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-07-10 21:28 - 2019-07-10 21:28 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-07-10 21:28 - 2019-07-10 21:28 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-01 19:04 - 2019-01-17 16:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-01 18:18 - 2012-10-07 17:16 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2019-08-01 15:17 - 2019-01-17 17:07 - 000000000 ____D C:\Users\Petr
2019-08-01 15:13 - 2019-01-17 17:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-01 14:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-01 13:41 - 2016-09-29 04:49 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-01 13:40 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2019-08-01 13:39 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-01 13:36 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-01 13:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\registration
2019-08-01 11:36 - 2019-01-17 17:37 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-30 19:50 - 2019-01-17 17:07 - 000000000 ____D C:\Users\UpdatusUser
2019-07-29 12:32 - 2019-01-17 17:37 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-29 12:22 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-29 11:42 - 2012-09-28 22:49 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2019-07-27 22:27 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-25 19:04 - 2016-07-02 01:53 - 000387896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-07-24 19:09 - 2019-04-18 19:23 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-07-24 19:09 - 2019-04-18 19:23 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-07-24 19:09 - 2018-04-20 13:03 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-17 11:03 - 2019-02-13 09:47 - 000279336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-07-17 11:03 - 2019-01-14 17:10 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-07-17 11:03 - 2019-01-07 09:05 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-07-17 11:03 - 2019-01-07 09:05 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-07-17 11:03 - 2019-01-07 09:05 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-07-17 11:03 - 2018-10-29 20:25 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-07-17 11:03 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-17 11:03 - 2017-11-17 11:33 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-07-17 11:03 - 2016-07-02 01:53 - 001030992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-07-17 11:03 - 2016-07-02 01:53 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-07-17 11:03 - 2016-07-02 01:53 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-07-17 11:03 - 2016-07-02 01:53 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-07-16 15:09 - 2016-08-29 10:42 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-16 15:09 - 2013-03-14 17:04 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-14 22:37 - 2019-01-17 17:37 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-14 22:37 - 2019-01-17 17:37 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-14 22:37 - 2019-01-17 17:37 - 000003194 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-14 22:37 - 2019-01-17 17:37 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-14 22:37 - 2019-01-17 17:37 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1005467907-3126548956-2189493663-1001
2019-07-14 22:37 - 2019-01-17 17:37 - 000002512 _____ C:\WINDOWS\System32\Tasks\HPLJCustParticipation
2019-07-14 22:37 - 2019-01-17 17:37 - 000002270 _____ C:\WINDOWS\System32\Tasks\{1BB8B291-D1F5-4EB4-9B41-07DBCEB29ADF}
2019-07-14 22:37 - 2019-01-17 17:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-07-13 20:28 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-12 20:27 - 2019-01-17 17:23 - 001920526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-12 20:27 - 2018-09-15 19:32 - 000783062 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-12 20:27 - 2018-09-15 19:32 - 000172644 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-12 20:24 - 2016-08-01 02:03 - 000000000 ___RD C:\Users\Petr\3D Objects
2019-07-12 20:24 - 2016-04-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-12 20:21 - 2019-01-17 16:57 - 005106048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-12 20:15 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-12 20:15 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-12 20:15 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-12 20:15 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-12 20:15 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-12 20:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-12 20:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-12 20:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-12 20:14 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-11 10:08 - 2019-01-17 17:07 - 000002411 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-11 10:08 - 2016-07-30 07:53 - 000000000 ___RD C:\Users\Petr\OneDrive
2019-07-10 21:56 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 21:51 - 2013-07-15 19:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 21:39 - 2012-09-27 15:16 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-09 17:57 - 2009-07-14 04:34 - 000000493 _____ C:\WINDOWS\win.ini
2019-07-07 16:50 - 2017-11-18 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google

==================== Files in the root of some directories ================

2017-08-01 23:16 - 2017-08-02 14:20 - 000000067 _____ () C:\Users\Petr\AppData\Roaming\.tmp
2013-02-15 18:49 - 2014-07-12 11:44 - 000000000 _____ () C:\Users\Petr\AppData\Roaming\Devices
2013-02-15 18:49 - 2014-07-12 11:44 - 000000000 _____ () C:\Users\Petr\AppData\Roaming\Dialogs
2016-09-02 21:26 - 2016-09-02 21:34 - 000003157 _____ () C:\Users\Petr\AppData\Roaming\droid4xinstaller.log
2013-02-15 18:49 - 2013-02-15 18:49 - 000000268 ___RH () C:\Users\Petr\AppData\Roaming\Dynamic Library
2015-01-13 11:27 - 2015-03-10 11:26 - 000099384 _____ () C:\Users\Petr\AppData\Roaming\inst.exe
2013-09-24 19:33 - 2013-09-24 19:33 - 000077824 _____ () C:\Users\Petr\AppData\Roaming\Microsoft Office 2010 Activator - All Versions.exe
2012-11-24 11:32 - 2012-11-24 11:32 - 015823872 _____ () C:\Users\Petr\AppData\Roaming\Office 2010 Toolkit.exe
2015-01-13 11:27 - 2015-03-10 11:26 - 000007859 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.cat
2015-01-13 11:27 - 2015-03-10 11:26 - 000001167 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.inf
2015-01-13 11:27 - 2015-03-10 11:26 - 000000055 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.log
2015-01-13 11:27 - 2015-03-10 11:26 - 000082816 _____ (VSO Software) C:\Users\Petr\AppData\Roaming\pcouffin.sys
2017-08-01 23:17 - 2017-08-01 23:17 - 000000487 _____ () C:\Users\Petr\AppData\Roaming\Settings.ini
2015-03-25 14:04 - 2016-08-29 12:00 - 000002160 _____ () C:\Users\Petr\AppData\Local\Ciferace.ini
2015-03-27 14:17 - 2015-03-27 14:18 - 000000130 _____ () C:\Users\Petr\AppData\Local\Ciferace0.213b.ini
2018-08-05 20:47 - 2019-01-31 20:07 - 000000186 _____ () C:\Users\Petr\AppData\Local\Ciferace0.314n.ini
2015-01-13 11:14 - 2015-01-13 11:22 - 000004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-18 10:30 - 2019-02-11 12:00 - 000020946 _____ () C:\Users\Petr\AppData\Local\HWVendorDetection.log
2014-03-06 19:39 - 2017-02-19 20:30 - 000017601 _____ () C:\Users\Petr\AppData\Local\MRDownloader.err
2014-03-03 20:19 - 2017-02-19 20:31 - 000001064 _____ () C:\Users\Petr\AppData\Local\MRDownloader.nast
2017-04-23 17:38 - 2017-04-23 17:38 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
2012-09-27 02:58 - 2014-03-03 20:20 - 000054551 _____ () C:\Users\Petr\AppData\Local\SRDownloader.err
2012-09-26 23:23 - 2014-03-03 20:21 - 000001088 _____ () C:\Users\Petr\AppData\Local\SRDownloader.nast

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\system32\licence.dll [2015-11-25] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

[Rudy]

V safe mode toho moc nezjistíme. PC v normálním režimu nefunguje? Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi