VIRY.CZ

Dobrý den,

Avast po návštěvě důvěryhodných webů (např. google) či e-mailových adres hlásí v krátkých intervalech útok. Hlásí to hlášku "Bezpečně jsme přerušili spojení s... ".

Příkládám log a prosím o kontrolu a pomoc.

Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Frantisek (administrator) on DESKTOP-BABDDQI (22-09-2018 23:25:46)
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Frantisek (Available Profiles: Frantisek)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-25] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM\...\Run: [DDPF3] => C:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [33280 2015-06-12] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3753280 2018-09-11] (Dropbox, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [Spotify Web Helper] => C:\Users\Frantisek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2018-03-16] (Spotify Ltd)
Startup: C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2018-09-05]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{8271a80e-e246-4eda-8b09-7951cd214f7e}: [DhcpNameServer] 192.168.88.1

Internet Explorer:
==================
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> DefaultScope {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL =
SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\nh8u3o6E.default [2016-05-19]
FF Extension: (Avira Browser Safety) - C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\nh8u3o6E.default\Extensions\abs@avira.com [2016-05-19] [Legacy]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default [2018-09-22]
CHR Extension: (Prezentace) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-02-11]
CHR Extension: (YouTube) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2018-03-19]
CHR Extension: (Tabulky) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Word Online) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-09-18]
CHR Extension: (Cesta skrz Středozem) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2017-02-11]
CHR Extension: (Avast Online Security) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-25] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [431544 2018-08-25] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-25] (AVAST Software)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-19] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-09-11] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2018-01-12] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183448 2018-01-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373736 2017-05-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-25] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-25] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-25] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-25] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-25] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-25] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [662056 2018-08-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-25] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-28] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-25] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-25] (AVAST Software)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2018-04-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-04-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2018-04-17] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-10] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-10] (Disc Soft Ltd)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2018-01-12] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-06-12] (GenesysLogic)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-12] (REALiX(tm))
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [232936 2018-01-12] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-09-22] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-24] (Intel Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2018-01-12] (Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5707264 2018-04-12] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3149832 2018-01-12] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-22 23:25 - 2018-09-22 23:26 - 000027746 _____ C:\Users\Frantisek\Desktop\FRST.txt
2018-09-22 23:25 - 2018-09-22 23:25 - 000000000 ____D C:\FRST
2018-09-22 23:24 - 2018-09-22 23:24 - 002413568 _____ (Farbar) C:\Users\Frantisek\Desktop\FRST64.exe
2018-09-22 23:14 - 2018-09-22 23:14 - 000000000 ____D C:\Users\Frantisek\AppData\Local\CrashDumps
2018-09-22 12:54 - 2018-09-22 12:54 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-09-19 21:26 - 2018-09-19 21:26 - 035182557 _____ C:\Users\Frantisek\Documents\presskit_soudne_sestry_audiokniha_onehotbook.zip
2018-09-15 11:32 - 2018-09-15 11:43 - 000000000 ____D C:\Users\Frantisek\Desktop\Hudba_vecer
2018-09-14 21:46 - 2018-09-15 09:25 - 000000000 ____D C:\Users\Frantisek\Desktop\Hudba_narozeniny
2018-09-13 23:07 - 2018-09-13 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-09-11 20:46 - 2018-09-11 21:42 - 960819624 _____ C:\Users\Frantisek\Downloads\vymena.2008.cesky.avi
2018-09-11 19:54 - 2018-08-31 09:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-11 19:54 - 2018-08-31 09:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-11 19:54 - 2018-08-31 09:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-11 19:54 - 2018-08-31 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-11 19:54 - 2018-08-31 08:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-11 19:54 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-11 19:54 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-11 19:54 - 2018-08-31 05:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-11 19:54 - 2018-08-31 05:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-11 19:54 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-11 19:54 - 2018-08-31 05:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-11 19:54 - 2018-08-31 05:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-11 19:54 - 2018-08-31 05:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-11 19:54 - 2018-08-31 05:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-11 19:54 - 2018-08-31 05:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-11 19:54 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-11 19:54 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-11 19:54 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-11 19:54 - 2018-08-31 05:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-11 19:54 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-11 19:54 - 2018-08-31 05:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-11 19:54 - 2018-08-31 05:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-11 19:54 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-11 19:54 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-11 19:54 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-11 19:54 - 2018-08-31 05:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-11 19:54 - 2018-08-31 05:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-11 19:54 - 2018-08-31 05:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-11 19:54 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-11 19:54 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-11 19:54 - 2018-08-31 05:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-11 19:54 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-11 19:54 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-11 19:54 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-11 19:54 - 2018-08-31 05:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-11 19:54 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-11 19:54 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-11 19:54 - 2018-08-31 05:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-11 19:54 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-11 19:54 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-11 19:54 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-11 19:54 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-11 19:54 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-11 19:54 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-11 19:54 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-11 19:54 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-11 19:54 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-11 19:54 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-11 19:54 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-11 19:54 - 2018-08-09 11:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-11 19:54 - 2018-08-09 11:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-11 19:54 - 2018-08-09 11:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-11 19:54 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-11 19:54 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-11 19:54 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-11 19:54 - 2018-08-09 07:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-11 19:54 - 2018-08-09 06:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-11 19:54 - 2018-08-09 06:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-11 19:54 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-11 19:54 - 2018-08-09 06:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-11 19:54 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-11 19:54 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-11 19:54 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-11 19:54 - 2018-08-09 06:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-11 19:54 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-11 19:54 - 2018-08-09 06:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-11 19:54 - 2018-08-09 06:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-11 19:54 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-11 19:54 - 2018-08-09 06:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-11 19:54 - 2018-08-09 06:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-11 19:54 - 2018-08-09 06:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-11 19:54 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-11 19:54 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-11 19:54 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-11 19:54 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-11 19:54 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-11 19:53 - 2018-08-31 09:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-11 19:53 - 2018-08-31 09:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-11 19:53 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-11 19:53 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-11 19:53 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-11 19:53 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-11 19:53 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-11 19:53 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-11 19:53 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-11 19:53 - 2018-08-31 09:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-11 19:53 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-11 19:53 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-11 19:53 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-11 19:53 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-11 19:53 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-11 19:53 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-11 19:53 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-11 19:53 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-11 19:53 - 2018-08-31 05:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-11 19:53 - 2018-08-31 05:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-11 19:53 - 2018-08-31 05:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-11 19:53 - 2018-08-31 05:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-11 19:53 - 2018-08-31 05:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-11 19:53 - 2018-08-31 05:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-11 19:53 - 2018-08-31 05:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-11 19:53 - 2018-08-31 05:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-11 19:53 - 2018-08-31 05:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-11 19:53 - 2018-08-31 05:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-11 19:53 - 2018-08-31 05:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-11 19:53 - 2018-08-31 05:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-11 19:53 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-11 19:53 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-11 19:53 - 2018-08-31 05:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-11 19:53 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-11 19:53 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-11 19:53 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-11 19:53 - 2018-08-31 05:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-11 19:53 - 2018-08-31 05:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-11 19:53 - 2018-08-31 05:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-11 19:53 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-11 19:53 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-11 19:53 - 2018-08-31 05:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-11 19:53 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-11 19:53 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-11 19:53 - 2018-08-31 05:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-11 19:53 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-11 19:53 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-11 19:53 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-11 19:53 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-11 19:53 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-11 19:53 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-11 19:53 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-11 19:53 - 2018-08-31 03:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-11 19:53 - 2018-08-28 08:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-11 19:53 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-11 19:53 - 2018-08-28 07:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-11 19:53 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-11 19:53 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-11 19:53 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-11 19:53 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-11 19:53 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-11 19:53 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-11 19:53 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-11 19:53 - 2018-08-09 11:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-11 19:53 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-11 19:53 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-11 19:53 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-11 19:53 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-11 19:53 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-11 19:53 - 2018-08-09 11:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-11 19:53 - 2018-08-09 11:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-11 19:53 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-11 19:53 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-11 19:53 - 2018-08-09 11:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-11 19:53 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-11 19:53 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-11 19:53 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-11 19:53 - 2018-08-09 11:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-11 19:53 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-11 19:53 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-11 19:53 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-11 19:53 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-11 19:53 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-11 19:53 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-11 19:53 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-11 19:53 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-11 19:53 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-11 19:53 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-11 19:53 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-11 19:53 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-11 19:53 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-11 19:53 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-11 19:53 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-11 19:53 - 2018-08-09 06:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-11 19:53 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-11 19:53 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-11 19:53 - 2018-08-09 06:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-11 19:53 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-11 19:53 - 2018-08-09 06:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-11 19:53 - 2018-08-09 06:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-11 19:53 - 2018-08-09 06:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-11 19:53 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-11 19:53 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-11 19:53 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-11 19:53 - 2018-08-09 06:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-11 19:53 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-11 19:53 - 2018-08-09 06:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-11 19:53 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-11 19:53 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-11 19:53 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-11 19:53 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-11 19:53 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-11 19:53 - 2018-08-09 06:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-11 19:53 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-11 19:53 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-11 19:53 - 2018-08-09 06:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-11 19:53 - 2018-08-09 06:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-11 19:53 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-11 19:53 - 2018-08-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-11 19:53 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-11 19:53 - 2018-08-09 06:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-11 19:53 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-11 19:53 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-11 19:53 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-11 19:53 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-11 19:53 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-11 19:53 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-11 19:53 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-11 19:53 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-11 13:54 - 2018-09-11 13:54 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-09-05 21:08 - 2018-09-05 21:08 - 000002645 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk K.lnk
2018-09-05 21:08 - 2018-09-05 21:08 - 000001250 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotus Notes 9 Citrix.lnk
2018-09-05 21:08 - 2018-09-05 21:08 - 000001174 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HEG.lnk
2018-09-05 21:08 - 2018-09-05 21:08 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MS Office Citrix
2018-09-05 21:08 - 2018-09-05 21:08 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Citrix
2018-09-05 21:05 - 2018-09-17 21:51 - 000000000 ____D C:\ProgramData\Citrix
2018-09-05 21:05 - 2018-09-06 15:05 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Citrix
2018-09-05 21:05 - 2018-09-05 21:05 - 000001507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2018-09-05 21:05 - 2018-09-05 21:05 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\ICAClient
2018-09-05 21:05 - 2018-09-05 21:05 - 000000000 ____D C:\Program Files (x86)\Citrix
2018-09-05 21:05 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2018-09-05 21:00 - 2018-09-05 21:00 - 000000625 _____ C:\Users\Frantisek\Downloads\receiverconfig.cr
2018-09-02 15:58 - 2018-09-02 17:33 - 1745575876 _____ C:\Users\Frantisek\Downloads\Ready Player One-Hra zacina-(2018 CZdab)..avi
2018-09-02 13:50 - 2018-09-02 14:19 - 530587698 _____ C:\Users\Frantisek\Downloads\Příběh služebnice S01E04-Nolite Te Bastardes Carborundorum_CZ_dub.avi
2018-09-02 09:16 - 2018-09-02 10:28 - 1313893004 _____ C:\Users\Frantisek\Downloads\Coco _2017.HD.Dolby.CZ-dab_BIGbob.mkv
2018-09-02 08:03 - 2018-09-02 08:40 - 623095874 _____ C:\Users\Frantisek\Downloads\Příběh služebnice S01E03-Pozdě_CZ_dub.avi
2018-09-01 14:21 - 2018-09-01 14:21 - 002175403 _____ C:\Users\Frantisek\Downloads\mesicni-zahrady-auto_preview.mobi
2018-09-01 14:10 - 2018-09-01 15:01 - 914183249 _____ C:\Users\Frantisek\Downloads\Rudá volavka (2018) akční č.dabing.mp4
2018-09-01 13:10 - 2018-09-01 14:02 - 860552174 _____ C:\Users\Frantisek\Downloads\Sněhulák (2017) (Drama,Horor,Krimi,Mysteriózní,Thriller).avi
2018-09-01 12:32 - 2018-09-01 13:06 - 591631250 _____ C:\Users\Frantisek\Downloads\Dej mi sve jmeno 2017 MT.mp4
2018-09-01 11:10 - 2018-09-01 11:51 - 690076024 _____ C:\Users\Frantisek\Downloads\Největší showman 2017 CZ dabing+CZ titulky k písním vložil Ksíkos.avi
2018-09-01 09:35 - 2018-09-01 10:54 - 865539099 _____ C:\Users\Frantisek\Downloads\Wind River-krimi podle skutečnosti (cz dabing) 2017.mp4
2018-09-01 08:30 - 2018-09-01 09:11 - 690940983 _____ C:\Users\Frantisek\Downloads\7 životů (2017) CZ by bery.mkv
2018-08-26 12:58 - 2018-08-25 20:43 - 000034400 _____ C:\Users\Frantisek\Downloads\Stranger.Things.S01E03.720p.WEBRiP.x264.ShAaNiG.srt
2018-08-25 21:20 - 2018-08-25 21:20 - 000002546 _____ C:\Users\Frantisek\Desktop\Avast Secure Browser.lnk
2018-08-25 21:12 - 2018-08-25 21:42 - 471225847 _____ C:\Users\Frantisek\Downloads\Stranger.Things.S01E04.720p.WEBRiP.x264.ShAaNiG.mkv
2018-08-25 20:45 - 2018-08-25 21:12 - 471300704 _____ C:\Users\Frantisek\Downloads\Stranger.Things.S01E03.720p.WEBRiP.x264.ShAaNiG.mkv
2018-08-25 20:19 - 2018-08-25 20:19 - 000379608 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-22 23:20 - 2016-05-20 17:06 - 000000000 ____D C:\Users\Frantisek\Documents\Soubory aplikace Outlook
2018-09-22 23:15 - 2018-05-24 23:40 - 000004220 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{82AB4C5C-D24F-4DEB-98A5-A79C4C674FD3}
2018-09-22 23:13 - 2018-05-24 23:40 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-09-22 23:12 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-22 14:53 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-22 14:47 - 2017-07-16 21:58 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-22 14:47 - 2016-09-10 23:12 - 000000000 ___RD C:\Users\Frantisek\iCloudDrive
2018-09-22 14:47 - 2016-05-19 17:07 - 000000000 __SHD C:\Users\Frantisek\IntelGraphicsProfiles
2018-09-22 12:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-22 12:48 - 2018-05-25 09:16 - 000717298 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-22 12:48 - 2018-05-25 09:16 - 000145074 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-22 12:48 - 2018-05-24 23:38 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-22 12:48 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-22 12:44 - 2018-05-24 23:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-22 12:44 - 2018-04-11 23:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-09-22 12:44 - 2016-05-19 22:27 - 000000946 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-22 12:44 - 2016-05-19 22:27 - 000000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-22 12:40 - 2018-05-24 23:40 - 000004006 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 12:40 - 2018-05-24 23:40 - 000003774 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-22 12:39 - 2018-05-24 23:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-22 07:56 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-21 19:31 - 2018-05-24 23:40 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 19:30 - 2016-06-12 19:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-20 15:59 - 2016-05-19 22:41 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\vlc
2018-09-19 19:15 - 2018-04-05 19:41 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-17 21:50 - 2018-05-24 23:29 - 000412672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-17 21:50 - 2017-01-21 13:54 - 000000000 ____D C:\Program Files\CCleaner
2018-09-17 21:49 - 2018-05-24 23:32 - 000000000 ____D C:\Users\Frantisek
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-09-17 21:49 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-17 21:49 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-17 20:47 - 2016-05-19 17:34 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-16 09:58 - 2018-05-24 23:40 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3751077871-1395817455-3427987240-1001
2018-09-16 09:58 - 2018-05-24 23:32 - 000002456 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-16 09:58 - 2016-05-19 17:10 - 000000000 ___RD C:\Users\Frantisek\OneDrive
2018-09-15 20:31 - 2018-05-24 23:40 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-14 21:48 - 2016-05-19 22:39 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-13 23:07 - 2016-05-19 22:27 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-09-12 20:04 - 2017-04-02 10:16 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-09-11 20:20 - 2016-05-21 08:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-11 20:03 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-11 20:03 - 2016-05-21 08:00 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-11 19:28 - 2017-04-02 10:16 - 000163392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-09-05 01:04 - 2018-04-12 01:41 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-05 01:04 - 2018-04-12 01:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-04 21:12 - 2017-04-02 10:16 - 000467320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-28 17:18 - 2017-04-02 10:16 - 000087904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-28 07:16 - 2016-05-19 22:32 - 000000000 ___RD C:\Users\Frantisek\Dropbox
2018-08-25 21:02 - 2018-08-18 17:03 - 002390237 _____ C:\Users\Frantisek\Desktop\Dovolena_kviz.pptx
2018-08-25 20:19 - 2018-08-18 11:20 - 000662056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2018-08-25 20:19 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-25 20:19 - 2017-11-16 19:29 - 000199712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 000381560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 000229384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 000201320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 000111864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 000059568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-25 20:19 - 2017-04-02 10:16 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-24 23:29

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Frantisek (22-09-2018 23:26:48)
Running from C:\Users\Frantisek\Desktop
Windows 10 Home Version 1803 17134.285 (X64) (2018-05-24 21:40:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3751077871-1395817455-3427987240-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3751077871-1395817455-3427987240-503 - Limited - Disabled)
Frantisek (S-1-5-21-3751077871-1395817455-3427987240-1001 - Administrator - Enabled) => C:\Users\Frantisek
Guest (S-1-5-21-3751077871-1395817455-3427987240-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3751077871-1395817455-3427987240-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3751077871-1395817455-3427987240-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Disk K (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Disk K) (Version: 1.0 - Delivered by Citrix)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 57.4.89 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Excel (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Excel5C6B) (Version: 1.0 - Delivered by Citrix)
Flipper Graph Control (HKLM-x32\...\FlpGrfCtrl) (Version: 2.80 - ProWorks Corporation)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HEG (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.HEG) (Version: 1.0 - Delivered by Citrix)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{412595B6-5162-4792-8DEE-2766FBC6C1EC}) (Version: 12.7.2.60 - Apple Inc.)
Lotus Notes 9 Citrix (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Lotus Notes 9 Citrix) (Version: 1.0 - Delivered by Citrix)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\PhotoFiltre 7) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
PowerPoint (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.PowerPoint1CE6) (Version: 1.0 - Delivered by Citrix)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Signer 5.2 (HKLM-x32\...\{A3516568-BFF3-43C0-84A6-ABA553D12887}) (Version: 5.2 - Asseco Central Europe, a. s.)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Word (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.WordF987) (Version: 1.0 - Delivered by Citrix)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09F011FB-1683-43B9-BA2D-9C0F357D78E7} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.)
Task: {11E26B49-EBEF-46E9-9906-F1A1481D6433} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.)
Task: {37BA1ABF-303C-4947-AE11-BE3F25E88214} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {42C9947B-4A93-451E-A00A-5FA875262790} - System32\Tasks\Driver Booster SkipUAC (Frantisek) => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {529DC260-C295-4377-8507-3070F18DB5DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {5A3FF6AA-993C-4A31-93A1-00E2ADAF5414} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {5E819FC3-54EF-424A-910B-F9B27931A400} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {616C1BEB-89E0-4CFD-B479-36546D86DE80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6807B783-A2C5-4306-9F2A-6D286C82E97C} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {69B0C726-7952-4E90-986C-B79476FF8244} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {76C76F06-DB16-4DDB-B8BC-314BFE57A66E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {77797E88-619B-45ED-AE3A-74E4E78F1A53} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {82F13F17-6E01-4C54-A98A-4C493800FF1D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8CF5EB36-CB51-4AF5-AF74-813A2F7D537B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {A9605708-EDC7-4BEE-BCD0-7A6A2B2437FE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-17] (AVAST Software)
Task: {C334F845-BC5B-47CD-B2B3-4DAB17F047F4} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {D538E4F9-F0FF-44F3-A5E9-534F6F69BC00} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E6D8A039-4CE6-458D-9EE0-997761348B80} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.)
Task: {EB88900D-2769-46EA-841C-920A1C0BBC4C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-25] (AVAST Software)
Task: {F1F02536-0C15-44D9-93CC-A9BC82881CD9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-02 03:28 - 2015-08-19 04:59 - 000058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2017-10-07 08:55 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-02-02 03:28 - 2015-12-02 10:24 - 000043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2017-05-02 05:03 - 2017-05-02 05:03 - 000401904 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-11 19:54 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-12 09:46 - 2017-12-12 09:46 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
2018-04-11 17:28 - 2018-04-11 17:28 - 002426040 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-04-11 17:28 - 2018-04-11 17:29 - 000381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-11-30 16:38 - 2017-11-30 16:38 - 000843672 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.17112.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll
2018-03-20 23:59 - 2018-03-21 00:00 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 004644864 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2017-09-02 18:21 - 2015-06-12 17:05 - 000033280 _____ () C:\Windows\SysWOW64\UMonit64.exe
2018-09-17 20:47 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-17 20:47 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2018-08-25 20:19 - 2018-08-25 20:19 - 000575704 _____ () c:\program files\avast software\avast\streamback.dll
2016-02-02 03:28 - 2015-02-13 02:02 - 000224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2015-07-11 09:37 - 2015-07-11 09:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-03-04 09:28 - 2018-03-04 09:28 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-09-13 23:06 - 2018-09-11 13:54 - 001113928 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-09-13 23:06 - 2018-09-11 13:54 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-06-26 21:03 - 2018-09-11 13:57 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000117272 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-06-26 21:03 - 2018-09-11 13:54 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-06-26 21:03 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000026312 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:57 - 000401608 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:57 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000052424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 003822784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-02 14:16 - 2018-09-11 13:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-09-13 23:06 - 2018-09-11 13:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-06-26 21:03 - 2018-09-11 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-09-13 23:06 - 2018-09-11 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-06-26 21:03 - 2018-09-11 13:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 02:42 - 2015-11-11 02:42 - 001045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [3074]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-09-22 23:24 - 000000825 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Frantisek\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "DDPF3"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{91E7C3BD-0A3C-4278-8077-A6A8A39D99C2}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2D8D9197-F403-428D-A1DE-0ACFF30F2483}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2D3A8490-0911-4065-A504-D7DC23ABC71B}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5F6168A9-C241-4F38-ADAB-3B36950E5699}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D320150D-B86E-47AA-876F-694BB4017501}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D7576151-1CB7-4702-949C-98C57F5BFCB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAD93D77-761A-46FB-A0DA-B1B293AEEB3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D17B387-F4FE-431A-A813-0B555A43862A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10F6F913-57DF-41E4-98B3-8D3418213D2D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D18AC9EB-0BA0-4434-AD07-05F286890C53}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{0B22EC86-FBA8-4490-ABC8-B25650826D0C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A6AD4048-88CC-403A-8D9F-16C89E98B3E0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{BABB41AE-AE03-4A99-99BB-0612FC5BC0C7}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{741D3FB0-24CA-4679-915D-7D43BCECD095}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B22E5A59-5A7A-4AAF-BCF6-EF410CD8D32C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C46FAA6A-F601-4982-80E6-5359576EBA9B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{2AA7F6C8-081D-4ED7-B410-F6DC1FE47E69}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{A47E9DCD-A1EE-415B-A929-59C6615B7022}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{61B80FC6-8755-489D-9E0B-7B827C99E460}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{71C0D235-8BC1-437E-87D0-E1A1A8F6D09A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{ADEBDD25-DC5D-41D6-B9A1-16D449D50AAA}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{8E470ABF-2560-4A12-B96E-544D91114336}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A4CB87D5-601B-4ED5-B813-908164E8E262}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E0D92CAE-867F-409B-958C-6ED4A4EFDA4D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{516791DC-15CF-4DB0-88BA-E5332563451C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5EA6198D-5903-4BF7-B96E-6EA2A71A0502}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D8D67D2E-D6FE-415D-91D7-B0DBA1AB28EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C76016AE-1CC6-4E86-BD9E-F3D332D4F181}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0C210043-F0EB-4ED0-97D1-8E8287EFF19F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{2093EA1F-3D01-4800-9129-8D92927E3D2E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{600FF24C-427B-4596-8ED2-5D366C0E24F8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{2787B4CE-C7A0-4193-BCC1-FAFCFFD4B7CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A01CC3B0-29CC-48E4-B999-1B3CE6123D20}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2018 11:24:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/22/2018 11:14:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dismhost.exe, verze: 10.0.17134.1, časové razítko: 0x7346ec69
Název chybujícího modulu: LogProvider.dll, verze: 0.0.0.0, časové razítko: 0x24b16b36
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000009820
ID chybujícího procesu: 0xc74
Čas spuštění chybující aplikace: 0x01d452b918bdd0ba
Cesta k chybující aplikaci: C:\Users\FRANTI~1\AppData\Local\Temp\51BACA96-6108-4872-AA96-F27B127F1FC3\dismhost.exe
Cesta k chybujícímu modulu: C:\Users\FRANTI~1\AppData\Local\Temp\51BACA96-6108-4872-AA96-F27B127F1FC3\LogProvider.dll
ID zprávy: 6a32fbb5-26ce-4abd-900d-ef060769a5b7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/22/2018 02:48:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/22/2018 02:47:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/22/2018 02:47:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/22/2018 02:47:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/22/2018 12:51:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/22/2018 12:46:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.


System errors:
=============
Error: (09/22/2018 02:48:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/22/2018 02:47:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/22/2018 02:47:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/22/2018 02:47:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/22/2018 12:45:34 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/22/2018 12:45:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\NETWORK SERVICE (SID: S-1-5-20) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/22/2018 12:44:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/22/2018 12:44:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-05-24 23:41:50.249
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 3825U @ 1.90GHz
Percentage of memory in use: 84%
Total physical RAM: 4001.92 MB
Available physical RAM: 630.94 MB
Total Virtual: 5985.92 MB
Available Virtual: 2075.98 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:97.81 GB) (Free:5.72 GB) NTFS

\\?\Volume{0a86c24b-e0e1-404f-8713-716d92b20a27}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{6da71df4-5196-46d1-ae34-aeb4990ed7ba}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 034936E0)

Partition: GPT.

==================== End of Addition.txt ============================

Ahoj

S akym presne serverom / domenou / IP adresou hlasi Avast prerusenie spojenia?

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

Zdravím,

ad 1) přerušené spojení mi to hlásilo například, když jsem se chtěl přihlásit do administrace blogu jedoucím na wordpressu či teď mi to vyskočilo jako "spojení s HTML: Script-inf, kde jsme zjistili infekci ocsp.digicert.com".

ad 2) přikládám log z programu

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-23-2018
# Duration: 00:00:32
# OS: Windows 10 Home
# Scanned: 41930
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1373 octets] - [17/04/2018 19:59:56]
AdwCleaner[C00].txt - [1460 octets] - [17/04/2018 20:00:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Poprosim o obidva nove logy z FRST.

Zasílám nové logy.


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-24 23:29

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Frantisek (24-09-2018 19:02:43)
Running from C:\Users\Frantisek\Desktop
Windows 10 Home Version 1803 17134.285 (X64) (2018-05-24 21:40:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3751077871-1395817455-3427987240-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3751077871-1395817455-3427987240-503 - Limited - Disabled)
Frantisek (S-1-5-21-3751077871-1395817455-3427987240-1001 - Administrator - Enabled) => C:\Users\Frantisek
Guest (S-1-5-21-3751077871-1395817455-3427987240-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3751077871-1395817455-3427987240-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3751077871-1395817455-3427987240-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Disk K (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Disk K) (Version: 1.0 - Delivered by Citrix)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 57.4.89 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Excel (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Excel5C6B) (Version: 1.0 - Delivered by Citrix)
Flipper Graph Control (HKLM-x32\...\FlpGrfCtrl) (Version: 2.80 - ProWorks Corporation)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HEG (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.HEG) (Version: 1.0 - Delivered by Citrix)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{412595B6-5162-4792-8DEE-2766FBC6C1EC}) (Version: 12.7.2.60 - Apple Inc.)
Lotus Notes 9 Citrix (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Lotus Notes 9 Citrix) (Version: 1.0 - Delivered by Citrix)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\PhotoFiltre 7) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
PowerPoint (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.PowerPoint1CE6) (Version: 1.0 - Delivered by Citrix)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Signer 5.2 (HKLM-x32\...\{A3516568-BFF3-43C0-84A6-ABA553D12887}) (Version: 5.2 - Asseco Central Europe, a. s.)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Word (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.WordF987) (Version: 1.0 - Delivered by Citrix)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09F011FB-1683-43B9-BA2D-9C0F357D78E7} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.)
Task: {11E26B49-EBEF-46E9-9906-F1A1481D6433} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.)
Task: {37BA1ABF-303C-4947-AE11-BE3F25E88214} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {42C9947B-4A93-451E-A00A-5FA875262790} - System32\Tasks\Driver Booster SkipUAC (Frantisek) => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {529DC260-C295-4377-8507-3070F18DB5DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {5A3FF6AA-993C-4A31-93A1-00E2ADAF5414} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {5E819FC3-54EF-424A-910B-F9B27931A400} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {616C1BEB-89E0-4CFD-B479-36546D86DE80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6807B783-A2C5-4306-9F2A-6D286C82E97C} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {69B0C726-7952-4E90-986C-B79476FF8244} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {76C76F06-DB16-4DDB-B8BC-314BFE57A66E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {77797E88-619B-45ED-AE3A-74E4E78F1A53} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {82F13F17-6E01-4C54-A98A-4C493800FF1D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8CF5EB36-CB51-4AF5-AF74-813A2F7D537B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {A9605708-EDC7-4BEE-BCD0-7A6A2B2437FE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-17] (AVAST Software)
Task: {C334F845-BC5B-47CD-B2B3-4DAB17F047F4} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {D538E4F9-F0FF-44F3-A5E9-534F6F69BC00} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E6D8A039-4CE6-458D-9EE0-997761348B80} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.)
Task: {EB88900D-2769-46EA-841C-920A1C0BBC4C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-25] (AVAST Software)
Task: {F1F02536-0C15-44D9-93CC-A9BC82881CD9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-02 03:28 - 2015-08-19 04:59 - 000058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2016-02-02 03:28 - 2015-12-02 10:24 - 000043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-05-02 05:03 - 2017-05-02 05:03 - 000401904 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-09-11 19:54 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-02 18:21 - 2015-06-12 17:05 - 000033280 _____ () C:\Windows\SysWOW64\UMonit64.exe
2018-08-25 20:19 - 2018-08-25 20:19 - 000575704 _____ () c:\program files\avast software\avast\streamback.dll
2018-03-04 09:28 - 2018-03-04 09:28 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-09-13 23:06 - 2018-09-11 13:54 - 001113928 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-09-13 23:06 - 2018-09-11 13:54 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-06-26 21:03 - 2018-09-11 13:57 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000117272 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-06-26 21:03 - 2018-09-11 13:54 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-06-26 21:03 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000026312 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:57 - 000401608 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:57 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000052424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 003822784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-02 14:16 - 2018-09-11 13:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-09-13 23:06 - 2018-09-11 13:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-06-26 21:03 - 2018-09-11 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-09-13 23:06 - 2018-09-11 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-06-26 21:03 - 2018-09-11 13:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2016-02-02 03:28 - 2015-02-13 02:02 - 000224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2015-07-11 09:37 - 2015-07-11 09:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [3074]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-09-23 12:59 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Frantisek\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "DDPF3"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{91E7C3BD-0A3C-4278-8077-A6A8A39D99C2}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2D8D9197-F403-428D-A1DE-0ACFF30F2483}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2D3A8490-0911-4065-A504-D7DC23ABC71B}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5F6168A9-C241-4F38-ADAB-3B36950E5699}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D320150D-B86E-47AA-876F-694BB4017501}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D7576151-1CB7-4702-949C-98C57F5BFCB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAD93D77-761A-46FB-A0DA-B1B293AEEB3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D17B387-F4FE-431A-A813-0B555A43862A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10F6F913-57DF-41E4-98B3-8D3418213D2D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D18AC9EB-0BA0-4434-AD07-05F286890C53}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{0B22EC86-FBA8-4490-ABC8-B25650826D0C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A6AD4048-88CC-403A-8D9F-16C89E98B3E0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{BABB41AE-AE03-4A99-99BB-0612FC5BC0C7}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{741D3FB0-24CA-4679-915D-7D43BCECD095}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B22E5A59-5A7A-4AAF-BCF6-EF410CD8D32C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C46FAA6A-F601-4982-80E6-5359576EBA9B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{2AA7F6C8-081D-4ED7-B410-F6DC1FE47E69}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{A47E9DCD-A1EE-415B-A929-59C6615B7022}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{61B80FC6-8755-489D-9E0B-7B827C99E460}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{71C0D235-8BC1-437E-87D0-E1A1A8F6D09A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{ADEBDD25-DC5D-41D6-B9A1-16D449D50AAA}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{8E470ABF-2560-4A12-B96E-544D91114336}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A4CB87D5-601B-4ED5-B813-908164E8E262}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E0D92CAE-867F-409B-958C-6ED4A4EFDA4D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{516791DC-15CF-4DB0-88BA-E5332563451C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5EA6198D-5903-4BF7-B96E-6EA2A71A0502}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D8D67D2E-D6FE-415D-91D7-B0DBA1AB28EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C76016AE-1CC6-4E86-BD9E-F3D332D4F181}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0C210043-F0EB-4ED0-97D1-8E8287EFF19F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{2093EA1F-3D01-4800-9129-8D92927E3D2E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{600FF24C-427B-4596-8ED2-5D366C0E24F8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{2787B4CE-C7A0-4193-BCC1-FAFCFFD4B7CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A01CC3B0-29CC-48E4-B999-1B3CE6123D20}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2018 06:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3172

Error: (09/24/2018 06:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3172

Error: (09/24/2018 06:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/23/2018 09:25:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/23/2018 01:06:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/23/2018 01:04:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/23/2018 12:57:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/23/2018 09:49:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.


System errors:
=============
Error: (09/24/2018 06:59:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/24/2018 06:59:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/24/2018 05:52:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 10:06:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 10:00:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 09:50:02 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 09:48:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 09:48:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-05-24 23:41:50.249
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 3825U @ 1.90GHz
Percentage of memory in use: 53%
Total physical RAM: 4001.92 MB
Available physical RAM: 1863.92 MB
Total Virtual: 5985.92 MB
Available Virtual: 3204.17 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:97.81 GB) (Free:5.29 GB) NTFS

\\?\Volume{0a86c24b-e0e1-404f-8713-716d92b20a27}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{6da71df4-5196-46d1-ae34-aeb4990ed7ba}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 034936E0)

Partition: GPT.

==================== End of Addition.txt ============================

Ten hlavny log nie je cely. Stiahni aktualnu verziu FRST z https://www.bleepingcomputer.com/downlo ... scan-tool/ a vytvor logy este raz.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.09.2018
Ran by Frantisek (administrator) on DESKTOP-BABDDQI (25-09-2018 07:11:52)
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Frantisek (Available Profiles: Frantisek)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.281_none_eada712a1d8142be\TiWorker.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-01-12] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-25] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM\...\Run: [DDPF3] => C:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [33280 2015-06-12] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3753280 2018-09-11] (Dropbox, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Run: [Spotify Web Helper] => C:\Users\Frantisek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2018-03-16] (Spotify Ltd)
Startup: C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2018-09-05]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{8271a80e-e246-4eda-8b09-7951cd214f7e}: [DhcpNameServer] 192.168.88.1

Internet Explorer:
==================
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> DefaultScope {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL =
SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\nh8u3o6E.default [2016-05-19]
FF Extension: (Avira Browser Safety) - C:\Users\Frantisek\AppData\Roaming\Mozilla\Firefox\Profiles\nh8u3o6E.default\Extensions\abs@avira.com [2016-05-19] [Legacy]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default [2018-09-25]
CHR Extension: (Prezentace) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-02-11]
CHR Extension: (YouTube) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2018-03-19]
CHR Extension: (Tabulky) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Word Online) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-09-18]
CHR Extension: (Cesta skrz Středozem) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2017-02-11]
CHR Extension: (Avast Online Security) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Frantisek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-25] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [431544 2018-08-25] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-25] (AVAST Software)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-19] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-09-11] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2018-01-12] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183448 2018-01-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373736 2017-05-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-25] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-25] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-25] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-25] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-25] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-25] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [662056 2018-08-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-25] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-28] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-25] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-25] (AVAST Software)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2018-04-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-04-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2018-04-17] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-10] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-10] (Disc Soft Ltd)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2018-01-12] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-06-12] (GenesysLogic)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-12] (REALiX(tm))
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [232936 2018-01-12] (Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-09-22] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-24] (Intel Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2018-01-12] (Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5707264 2018-04-12] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3149832 2018-01-12] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-25 07:11 - 2018-09-25 07:12 - 000027076 _____ C:\Users\Frantisek\Desktop\FRST.txt
2018-09-25 07:10 - 2018-09-25 07:10 - 002414080 _____ (Farbar) C:\Users\Frantisek\Desktop\FRST64.exe
2018-09-22 23:25 - 2018-09-25 07:11 - 000000000 ____D C:\FRST
2018-09-22 23:14 - 2018-09-23 09:47 - 000000000 ____D C:\Users\Frantisek\AppData\Local\CrashDumps
2018-09-22 12:54 - 2018-09-22 12:54 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-09-19 21:26 - 2018-09-19 21:26 - 035182557 _____ C:\Users\Frantisek\Documents\presskit_soudne_sestry_audiokniha_onehotbook.zip
2018-09-15 11:32 - 2018-09-15 11:43 - 000000000 ____D C:\Users\Frantisek\Desktop\Hudba_vecer
2018-09-14 21:46 - 2018-09-15 09:25 - 000000000 ____D C:\Users\Frantisek\Desktop\Hudba_narozeniny
2018-09-13 23:07 - 2018-09-13 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-09-11 20:46 - 2018-09-11 21:42 - 960819624 _____ C:\Users\Frantisek\Downloads\vymena.2008.cesky.avi
2018-09-11 19:54 - 2018-08-31 09:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-11 19:54 - 2018-08-31 09:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-11 19:54 - 2018-08-31 09:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-11 19:54 - 2018-08-31 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-11 19:54 - 2018-08-31 08:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-11 19:54 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-11 19:54 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-11 19:54 - 2018-08-31 05:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-11 19:54 - 2018-08-31 05:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-11 19:54 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-11 19:54 - 2018-08-31 05:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-11 19:54 - 2018-08-31 05:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-11 19:54 - 2018-08-31 05:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-11 19:54 - 2018-08-31 05:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-11 19:54 - 2018-08-31 05:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-11 19:54 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-11 19:54 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-11 19:54 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-11 19:54 - 2018-08-31 05:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-11 19:54 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-11 19:54 - 2018-08-31 05:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-11 19:54 - 2018-08-31 05:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-11 19:54 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-11 19:54 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-11 19:54 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-11 19:54 - 2018-08-31 05:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-11 19:54 - 2018-08-31 05:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-11 19:54 - 2018-08-31 05:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-11 19:54 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-11 19:54 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-11 19:54 - 2018-08-31 05:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-11 19:54 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-11 19:54 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-11 19:54 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-11 19:54 - 2018-08-31 05:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-11 19:54 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-11 19:54 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-11 19:54 - 2018-08-31 05:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-11 19:54 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-11 19:54 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-11 19:54 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-11 19:54 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-11 19:54 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-11 19:54 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-11 19:54 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-11 19:54 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-11 19:54 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-11 19:54 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-11 19:54 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-11 19:54 - 2018-08-09 11:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-11 19:54 - 2018-08-09 11:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-11 19:54 - 2018-08-09 11:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-11 19:54 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-11 19:54 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-11 19:54 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-11 19:54 - 2018-08-09 07:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-11 19:54 - 2018-08-09 06:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-11 19:54 - 2018-08-09 06:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-11 19:54 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-11 19:54 - 2018-08-09 06:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-11 19:54 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-11 19:54 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-11 19:54 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-11 19:54 - 2018-08-09 06:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-11 19:54 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-11 19:54 - 2018-08-09 06:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-11 19:54 - 2018-08-09 06:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-11 19:54 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-11 19:54 - 2018-08-09 06:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-11 19:54 - 2018-08-09 06:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-11 19:54 - 2018-08-09 06:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-11 19:54 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-11 19:54 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-11 19:54 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-11 19:54 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-11 19:54 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-11 19:53 - 2018-08-31 09:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-11 19:53 - 2018-08-31 09:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-11 19:53 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-11 19:53 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-11 19:53 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-11 19:53 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-11 19:53 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-11 19:53 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-11 19:53 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-11 19:53 - 2018-08-31 09:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-11 19:53 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-11 19:53 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-11 19:53 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-11 19:53 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-11 19:53 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-11 19:53 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-11 19:53 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-11 19:53 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-11 19:53 - 2018-08-31 05:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-11 19:53 - 2018-08-31 05:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-11 19:53 - 2018-08-31 05:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-11 19:53 - 2018-08-31 05:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-11 19:53 - 2018-08-31 05:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-11 19:53 - 2018-08-31 05:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-11 19:53 - 2018-08-31 05:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-11 19:53 - 2018-08-31 05:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-11 19:53 - 2018-08-31 05:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-11 19:53 - 2018-08-31 05:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-11 19:53 - 2018-08-31 05:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-11 19:53 - 2018-08-31 05:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-11 19:53 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-11 19:53 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-11 19:53 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-11 19:53 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-11 19:53 - 2018-08-31 05:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-11 19:53 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-11 19:53 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-11 19:53 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-11 19:53 - 2018-08-31 05:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-11 19:53 - 2018-08-31 05:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-11 19:53 - 2018-08-31 05:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-11 19:53 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-11 19:53 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-11 19:53 - 2018-08-31 05:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-11 19:53 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-11 19:53 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-11 19:53 - 2018-08-31 05:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-11 19:53 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-11 19:53 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-11 19:53 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-11 19:53 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-11 19:53 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-11 19:53 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-11 19:53 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-11 19:53 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-11 19:53 - 2018-08-31 03:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-11 19:53 - 2018-08-28 08:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-11 19:53 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-11 19:53 - 2018-08-28 07:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-11 19:53 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-11 19:53 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-11 19:53 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-11 19:53 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-11 19:53 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-11 19:53 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-11 19:53 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-11 19:53 - 2018-08-09 11:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-11 19:53 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-11 19:53 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-11 19:53 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-11 19:53 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-11 19:53 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-11 19:53 - 2018-08-09 11:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-11 19:53 - 2018-08-09 11:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-11 19:53 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-11 19:53 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-11 19:53 - 2018-08-09 11:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-11 19:53 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-11 19:53 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-11 19:53 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-11 19:53 - 2018-08-09 11:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-11 19:53 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-11 19:53 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-11 19:53 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-11 19:53 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-11 19:53 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-11 19:53 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-11 19:53 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-11 19:53 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-11 19:53 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-11 19:53 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-11 19:53 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-11 19:53 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-11 19:53 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-11 19:53 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-11 19:53 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-11 19:53 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-11 19:53 - 2018-08-09 06:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-11 19:53 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-11 19:53 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-11 19:53 - 2018-08-09 06:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-11 19:53 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-11 19:53 - 2018-08-09 06:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-11 19:53 - 2018-08-09 06:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-11 19:53 - 2018-08-09 06:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-11 19:53 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-11 19:53 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-11 19:53 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-11 19:53 - 2018-08-09 06:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-11 19:53 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-11 19:53 - 2018-08-09 06:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-11 19:53 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-11 19:53 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-11 19:53 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-11 19:53 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-11 19:53 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-11 19:53 - 2018-08-09 06:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-11 19:53 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-11 19:53 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-11 19:53 - 2018-08-09 06:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-11 19:53 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-11 19:53 - 2018-08-09 06:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-11 19:53 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-11 19:53 - 2018-08-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-11 19:53 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-11 19:53 - 2018-08-09 06:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-11 19:53 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-11 19:53 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-11 19:53 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-11 19:53 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-11 19:53 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-11 19:53 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-11 19:53 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-11 19:53 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-11 19:53 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-11 13:54 - 2018-09-11 13:54 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-09-05 21:08 - 2018-09-05 21:08 - 000002645 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk K.lnk
2018-09-05 21:08 - 2018-09-05 21:08 - 000001250 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotus Notes 9 Citrix.lnk
2018-09-05 21:08 - 2018-09-05 21:08 - 000001174 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HEG.lnk
2018-09-05 21:08 - 2018-09-05 21:08 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MS Office Citrix
2018-09-05 21:08 - 2018-09-05 21:08 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\Citrix
2018-09-05 21:05 - 2018-09-17 21:51 - 000000000 ____D C:\ProgramData\Citrix
2018-09-05 21:05 - 2018-09-06 15:05 - 000000000 ____D C:\Users\Frantisek\AppData\Local\Citrix
2018-09-05 21:05 - 2018-09-05 21:05 - 000001507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2018-09-05 21:05 - 2018-09-05 21:05 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\ICAClient
2018-09-05 21:05 - 2018-09-05 21:05 - 000000000 ____D C:\Program Files (x86)\Citrix
2018-09-05 21:05 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2018-09-05 21:00 - 2018-09-05 21:00 - 000000625 _____ C:\Users\Frantisek\Downloads\receiverconfig.cr
2018-09-02 15:58 - 2018-09-02 17:33 - 1745575876 _____ C:\Users\Frantisek\Downloads\Ready Player One-Hra zacina-(2018 CZdab)..avi
2018-09-02 13:50 - 2018-09-02 14:19 - 530587698 _____ C:\Users\Frantisek\Downloads\Příběh služebnice S01E04-Nolite Te Bastardes Carborundorum_CZ_dub.avi
2018-09-02 09:16 - 2018-09-02 10:28 - 1313893004 _____ C:\Users\Frantisek\Downloads\Coco _2017.HD.Dolby.CZ-dab_BIGbob.mkv
2018-09-02 08:03 - 2018-09-02 08:40 - 623095874 _____ C:\Users\Frantisek\Downloads\Příběh služebnice S01E03-Pozdě_CZ_dub.avi
2018-09-01 14:21 - 2018-09-01 14:21 - 002175403 _____ C:\Users\Frantisek\Downloads\mesicni-zahrady-auto_preview.mobi
2018-09-01 14:10 - 2018-09-01 15:01 - 914183249 _____ C:\Users\Frantisek\Downloads\Rudá volavka (2018) akční č.dabing.mp4
2018-09-01 13:10 - 2018-09-01 14:02 - 860552174 _____ C:\Users\Frantisek\Downloads\Sněhulák (2017) (Drama,Horor,Krimi,Mysteriózní,Thriller).avi
2018-09-01 12:32 - 2018-09-01 13:06 - 591631250 _____ C:\Users\Frantisek\Downloads\Dej mi sve jmeno 2017 MT.mp4
2018-09-01 11:10 - 2018-09-01 11:51 - 690076024 _____ C:\Users\Frantisek\Downloads\Největší showman 2017 CZ dabing+CZ titulky k písním vložil Ksíkos.avi
2018-09-01 09:35 - 2018-09-01 10:54 - 865539099 _____ C:\Users\Frantisek\Downloads\Wind River-krimi podle skutečnosti (cz dabing) 2017.mp4
2018-09-01 08:30 - 2018-09-01 09:11 - 690940983 _____ C:\Users\Frantisek\Downloads\7 životů (2017) CZ by bery.mkv
2018-08-26 12:58 - 2018-08-25 20:43 - 000034400 _____ C:\Users\Frantisek\Downloads\Stranger.Things.S01E03.720p.WEBRiP.x264.ShAaNiG.srt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-25 07:08 - 2016-09-10 23:12 - 000000000 ___RD C:\Users\Frantisek\iCloudDrive
2018-09-25 07:07 - 2017-07-16 21:58 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-25 07:07 - 2016-05-19 17:07 - 000000000 __SHD C:\Users\Frantisek\IntelGraphicsProfiles
2018-09-24 20:14 - 2018-05-24 23:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-24 20:02 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-24 19:39 - 2018-07-05 14:10 - 000013188 _____ C:\Users\Frantisek\Desktop\vydaje_celkem.xlsx
2018-09-24 19:02 - 2016-05-20 17:06 - 000000000 ____D C:\Users\Frantisek\Documents\Soubory aplikace Outlook
2018-09-23 22:06 - 2018-08-25 21:20 - 000002546 _____ C:\Users\Frantisek\Desktop\Avast Secure Browser.lnk
2018-09-23 22:06 - 2018-04-10 19:53 - 000001142 _____ C:\Users\Frantisek\Desktop\PhotoFiltre 7.lnk
2018-09-23 19:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-23 17:58 - 2018-05-24 23:40 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-09-23 09:54 - 2018-05-25 09:16 - 000717298 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-23 09:54 - 2018-05-25 09:16 - 000145074 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-23 09:54 - 2018-05-24 23:40 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3751077871-1395817455-3427987240-1001
2018-09-23 09:54 - 2018-05-24 23:38 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-23 09:54 - 2018-05-24 23:32 - 000002456 _____ C:\Users\Frantisek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 09:54 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-23 09:54 - 2016-05-19 17:10 - 000000000 ___RD C:\Users\Frantisek\OneDrive
2018-09-23 09:47 - 2018-05-24 23:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-23 09:47 - 2018-04-11 23:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-09-22 14:53 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-22 12:44 - 2016-05-19 22:27 - 000000946 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-22 12:44 - 2016-05-19 22:27 - 000000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-22 12:40 - 2018-05-24 23:40 - 000004006 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 12:40 - 2018-05-24 23:40 - 000003774 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-22 07:56 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-21 19:31 - 2018-05-24 23:40 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 19:30 - 2016-06-12 19:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-20 15:59 - 2016-05-19 22:41 - 000000000 ____D C:\Users\Frantisek\AppData\Roaming\vlc
2018-09-19 19:15 - 2018-04-05 19:41 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-17 21:50 - 2018-05-24 23:29 - 000412672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-17 21:50 - 2017-01-21 13:54 - 000000000 ____D C:\Program Files\CCleaner
2018-09-17 21:49 - 2018-05-24 23:32 - 000000000 ____D C:\Users\Frantisek
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-17 21:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-17 21:49 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-17 20:47 - 2016-05-19 17:34 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-15 20:31 - 2018-05-24 23:40 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-14 21:48 - 2016-05-19 22:39 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-13 23:07 - 2016-05-19 22:27 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-09-12 20:04 - 2017-04-02 10:16 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-09-11 20:20 - 2016-05-21 08:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-11 20:03 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-11 20:03 - 2016-05-21 08:00 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-11 19:28 - 2017-04-02 10:16 - 000163392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-09-05 01:04 - 2018-04-12 01:41 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-05 01:04 - 2018-04-12 01:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-04 21:12 - 2017-04-02 10:16 - 000467320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-28 17:18 - 2017-04-02 10:16 - 000087904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-28 07:16 - 2016-05-19 22:32 - 000000000 ___RD C:\Users\Frantisek\Dropbox

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-24 23:29

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Frantisek (25-09-2018 07:13:02)
Running from C:\Users\Frantisek\Desktop
Windows 10 Home Version 1803 17134.285 (X64) (2018-05-24 21:40:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3751077871-1395817455-3427987240-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3751077871-1395817455-3427987240-503 - Limited - Disabled)
Frantisek (S-1-5-21-3751077871-1395817455-3427987240-1001 - Administrator - Enabled) => C:\Users\Frantisek
Guest (S-1-5-21-3751077871-1395817455-3427987240-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3751077871-1395817455-3427987240-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3751077871-1395817455-3427987240-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Disk K (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Disk K) (Version: 1.0 - Delivered by Citrix)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 57.4.89 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Excel (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Excel5C6B) (Version: 1.0 - Delivered by Citrix)
Flipper Graph Control (HKLM-x32\...\FlpGrfCtrl) (Version: 2.80 - ProWorks Corporation)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HEG (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.HEG) (Version: 1.0 - Delivered by Citrix)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{412595B6-5162-4792-8DEE-2766FBC6C1EC}) (Version: 12.7.2.60 - Apple Inc.)
Lotus Notes 9 Citrix (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.Lotus Notes 9 Citrix) (Version: 1.0 - Delivered by Citrix)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\PhotoFiltre 7) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
PowerPoint (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.PowerPoint1CE6) (Version: 1.0 - Delivered by Citrix)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Signer 5.2 (HKLM-x32\...\{A3516568-BFF3-43C0-84A6-ABA553D12887}) (Version: 5.2 - Asseco Central Europe, a. s.)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Word (HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\store-5c0ec3f7@@XA.WordF987) (Version: 1.0 - Delivered by Citrix)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09F011FB-1683-43B9-BA2D-9C0F357D78E7} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.)
Task: {11E26B49-EBEF-46E9-9906-F1A1481D6433} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.)
Task: {37BA1ABF-303C-4947-AE11-BE3F25E88214} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {42C9947B-4A93-451E-A00A-5FA875262790} - System32\Tasks\Driver Booster SkipUAC (Frantisek) => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
Task: {529DC260-C295-4377-8507-3070F18DB5DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {5A3FF6AA-993C-4A31-93A1-00E2ADAF5414} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {5E819FC3-54EF-424A-910B-F9B27931A400} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {616C1BEB-89E0-4CFD-B479-36546D86DE80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6807B783-A2C5-4306-9F2A-6D286C82E97C} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {69B0C726-7952-4E90-986C-B79476FF8244} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {76C76F06-DB16-4DDB-B8BC-314BFE57A66E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {77797E88-619B-45ED-AE3A-74E4E78F1A53} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {82F13F17-6E01-4C54-A98A-4C493800FF1D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8CF5EB36-CB51-4AF5-AF74-813A2F7D537B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {A9605708-EDC7-4BEE-BCD0-7A6A2B2437FE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-17] (AVAST Software)
Task: {C334F845-BC5B-47CD-B2B3-4DAB17F047F4} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {D538E4F9-F0FF-44F3-A5E9-534F6F69BC00} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E6D8A039-4CE6-458D-9EE0-997761348B80} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.)
Task: {EB88900D-2769-46EA-841C-920A1C0BBC4C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-25] (AVAST Software)
Task: {F1F02536-0C15-44D9-93CC-A9BC82881CD9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-02 03:28 - 2015-08-19 04:59 - 000058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-02-02 03:28 - 2015-12-02 10:24 - 000043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-05-02 05:03 - 2017-05-02 05:03 - 000401904 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-09-11 19:54 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-17 20:47 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-17 20:47 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2017-09-02 18:21 - 2015-06-12 17:05 - 000033280 _____ () C:\Windows\SysWOW64\UMonit64.exe
2018-08-25 20:19 - 2018-08-25 20:19 - 000575704 _____ () c:\program files\avast software\avast\streamback.dll
2016-02-02 03:28 - 2015-02-13 02:02 - 000224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2015-07-11 09:37 - 2015-07-11 09:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-09-13 23:06 - 2018-09-11 13:54 - 001113928 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-09-13 23:06 - 2018-09-11 13:54 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-06-26 21:03 - 2018-09-11 13:57 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000117272 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-06-26 21:03 - 2018-09-11 13:54 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-06-26 21:03 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000026312 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:57 - 000401608 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:57 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000052424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 003822784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-02 14:16 - 2018-09-11 13:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:54 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-09-13 23:06 - 2018-09-11 13:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:54 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-06-26 21:03 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:55 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-06-26 21:03 - 2018-09-11 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-09-13 23:06 - 2018-09-11 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-06-26 21:03 - 2018-09-11 13:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-06-26 21:03 - 2018-09-11 13:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-09-13 23:06 - 2018-09-11 13:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-03-04 09:28 - 2018-03-04 09:28 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [3074]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-09-23 12:59 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Frantisek\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "DDPF3"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{91E7C3BD-0A3C-4278-8077-A6A8A39D99C2}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2D8D9197-F403-428D-A1DE-0ACFF30F2483}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2D3A8490-0911-4065-A504-D7DC23ABC71B}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5F6168A9-C241-4F38-ADAB-3B36950E5699}C:\users\frantisek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frantisek\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D320150D-B86E-47AA-876F-694BB4017501}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D7576151-1CB7-4702-949C-98C57F5BFCB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAD93D77-761A-46FB-A0DA-B1B293AEEB3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D17B387-F4FE-431A-A813-0B555A43862A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10F6F913-57DF-41E4-98B3-8D3418213D2D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D18AC9EB-0BA0-4434-AD07-05F286890C53}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{0B22EC86-FBA8-4490-ABC8-B25650826D0C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A6AD4048-88CC-403A-8D9F-16C89E98B3E0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{BABB41AE-AE03-4A99-99BB-0612FC5BC0C7}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{741D3FB0-24CA-4679-915D-7D43BCECD095}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B22E5A59-5A7A-4AAF-BCF6-EF410CD8D32C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C46FAA6A-F601-4982-80E6-5359576EBA9B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{2AA7F6C8-081D-4ED7-B410-F6DC1FE47E69}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{A47E9DCD-A1EE-415B-A929-59C6615B7022}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{61B80FC6-8755-489D-9E0B-7B827C99E460}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{71C0D235-8BC1-437E-87D0-E1A1A8F6D09A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{ADEBDD25-DC5D-41D6-B9A1-16D449D50AAA}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{8E470ABF-2560-4A12-B96E-544D91114336}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A4CB87D5-601B-4ED5-B813-908164E8E262}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E0D92CAE-867F-409B-958C-6ED4A4EFDA4D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{516791DC-15CF-4DB0-88BA-E5332563451C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5EA6198D-5903-4BF7-B96E-6EA2A71A0502}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D8D67D2E-D6FE-415D-91D7-B0DBA1AB28EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C76016AE-1CC6-4E86-BD9E-F3D332D4F181}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0C210043-F0EB-4ED0-97D1-8E8287EFF19F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{2093EA1F-3D01-4800-9129-8D92927E3D2E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{600FF24C-427B-4596-8ED2-5D366C0E24F8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{2787B4CE-C7A0-4193-BCC1-FAFCFFD4B7CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A01CC3B0-29CC-48E4-B999-1B3CE6123D20}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2018 07:10:09 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/25/2018 07:09:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/25/2018 07:07:36 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/25/2018 07:07:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/24/2018 07:12:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/24/2018 07:10:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_fb4297e330656775.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.285_none_42efceba44e1907b.manifest.

Error: (09/24/2018 06:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3172

Error: (09/24/2018 06:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3172


System errors:
=============
Error: (09/25/2018 07:10:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/25/2018 07:07:44 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/25/2018 07:07:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/25/2018 07:07:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/25/2018 07:07:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/24/2018 08:23:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/24/2018 07:12:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/24/2018 07:03:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BABDDQI)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-BABDDQI\Frantisek (SID: S-1-5-21-3751077871-1395817455-3427987240-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-05-24 23:41:50.249
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 3825U @ 1.90GHz
Percentage of memory in use: 77%
Total physical RAM: 4001.92 MB
Available physical RAM: 883.67 MB
Total Virtual: 5985.92 MB
Available Virtual: 2457.95 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:97.81 GB) (Free:10.6 GB) NTFS

\\?\Volume{0a86c24b-e0e1-404f-8713-716d92b20a27}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{6da71df4-5196-46d1-ae34-aeb4990ed7ba}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 034936E0)

Partition: GPT.

==================== End of Addition.txt ============================

Zapni obnovu systemu

• Stlac Win+R, napis "sysdm.cpl" (bez uvodzoviek) a stlac enter
• Klikni na kartu Ochrana systemu a potom na Konfigurovat
• Vyber moznost Zapnut ochranu systemu a klikni na OK

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
  File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
  HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
  HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
  HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
  SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> DefaultScope {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL = 
  SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL = 
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  Task: {5E819FC3-54EF-424A-910B-F9B27931A400} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
  Task: {6807B783-A2C5-4306-9F2A-6D286C82E97C} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
  Task: {82F13F17-6E01-4C54-A98A-4C493800FF1D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  AlternateDataStreams: C:\ProgramData\desktop.ini:gs5sys [2304]
  AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
  AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
  AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [3074]
  AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [3074]
  C:\Windows\AutoKMS
  C:\Program Files\KMSnano
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Frantisek (25-09-2018 20:29:06) Run:1
Running from C:\Users\Frantisek\Desktop
Loaded Profiles: Frantisek (Available Profiles: Frantisek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> DefaultScope {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL =
SearchScopes: HKU\S-1-5-21-3751077871-1395817455-3427987240-1001 -> {DCEA8CC8-B46B-4292-938C-A16139FC7A3F} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {5E819FC3-54EF-424A-910B-F9B27931A400} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {6807B783-A2C5-4306-9F2A-6D286C82E97C} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {82F13F17-6E01-4C54-A98A-4C493800FF1D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Frantisek\Cookies:gs5sys [2560]
AlternateDataStreams: C:\Users\Frantisek\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Frantisek\Documents\desktop.ini:gs5sys [3074]
C:\Windows\AutoKMS
C:\Program Files\KMSnano

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 194
Average :
Sum : 3720665794
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe ========================

C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File not signed
MD5: 8213094EA736A9C575AB0E22AD09B0BA
Creation and modification date: 2015-05-19 19:11 - 2015-05-19 19:11
Size: 000335872
Attributes: ----A
Company Name: Intel Corporation
Internal Name: isa.exe
Original Name: isa.exe
Product: Intel(R) Security Assist
Description: Intel(R) Security Assist
File Version: 1.0.0.532
Product Version: 1.0.0.532
Copyright: Copyright © 2014
VirusTotal: https://www.virustotal.com/file/12670a4 ... 537799660/

====== End of File: ======


========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe ========================

C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
File not signed
MD5: 1DFC3CCA51785254C5604238BB1A5467
Creation and modification date: 2015-05-19 19:11 - 2015-05-19 19:11
Size: 000007680
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/31451a9 ... 537639640/

====== End of File: ======

HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-3751077871-1395817455-3427987240-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DCEA8CC8-B46B-4292-938C-A16139FC7A3F}" => removed successfully
HKLM\Software\Classes\CLSID\{DCEA8CC8-B46B-4292-938C-A16139FC7A3F} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5E819FC3-54EF-424A-910B-F9B27931A400}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E819FC3-54EF-424A-910B-F9B27931A400}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6807B783-A2C5-4306-9F2A-6D286C82E97C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6807B783-A2C5-4306-9F2A-6D286C82E97C}" => removed successfully
C:\WINDOWS\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82F13F17-6E01-4C54-A98A-4C493800FF1D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82F13F17-6E01-4C54-A98A-4C493800FF1D}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
C:\ProgramData\desktop.ini => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Cookies => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\Frantisek\Documents\desktop.ini => ":gs5sys" ADS removed successfully
C:\Windows\AutoKMS => moved successfully
C:\Program Files\KMSnano => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13746900 B
Java, Flash, Steam htmlcache => 768 B
Windows/system/drivers => 2190845 B
Edge => 1044120 B
Chrome => 514838175 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 19028 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Frantisek => 49917814 B

RecycleBin => 116067 B
EmptyTemp: => 563.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:30:09 ====

Vyzera to OK. Nastala nejaka zmena alebo su este s PC nejake problemy?

Plocha ma cez 3 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Děkuji moc. Vše vypadá ok.

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"