VIRY.CZ

Dobrý den

prosím o pomoc. PC se mi uplně zasekalo připadá mi že mi nejede ani antivir.

děkuji za pomoc


Logfile of random's system information tool 1.10 (written by random/random)
Run by Uzivatel at 2019-07-15 23:37:32
Microsoft Windows 10 Home
System drive C: has 240 GB (50%) free of 476 GB
Total RAM: 3959 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:37:58, on 15.7.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe
C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Uzivatel\AppData\Local\Google\Update\Install\{AB9B3EE3-3E05-4832-968D-22E61C4613C7}\GoogleUpdateSetup.exe
C:\Users\Uzivatel\AppData\Local\Temp\GUMF918.tmp\GoogleUpdate.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [M17A] C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PDFProHook] "C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify] C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun /RestartByRestartManager:8B3438E7-343A-4483-A33F-794A3FA0666A /RestartByRestartManager:26FFEC74-8C1A-4cd4-8262-0CC45ABF30AF /RestartByRestartManager:D5523B71-4FF7-44aa-B6A8-804433DBA0AA
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun /RestartByRestartManager:83ECA5BE-DD43-4727-9D25-3BF7CF1A8055 /RestartByRestartManager:7BE72627-CB5B-4cdc-AAAD-F448D5E08DA9 /RestartByRestartManager:6671D18C-225B-4cdb-92F3-32171A43DA13
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 15621 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s DsmSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\system32\wermgr.exe -upload
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer

c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
"C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
"C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs -p

"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.11328.20368\OfficeClickToRun.exe" /update

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe" scan upload
"ctfmon.exe"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker

"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
dashost.exe {df818b86-b646-4871-af62009b8d69d252}
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXggkaqzf6p31g37n0m8phzeswb0rt9m7e.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXemn3t55segp7q92mwd35v2a5rk5mvwyz.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe" -task
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe -check pepperplugin
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe -check plugin
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x404
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\iTunes\iTunesHelper.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
"C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe" --autostart --minimized
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe" /function=CC4BT /path="C:\Program Files (x86)\Brother\BrUtilities\BrDbgOut.INI"
-BootProc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-36abb1ed-cd9d-4630-8869-c550b256df8a -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0d1ede11-ce30-422f-a0a8-c202c66ca42f -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3851f2b6-1de9-4e51-a5d5-a582074e4e56 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c576b91e-ee03-419b-8e2d-ee6114d0c663 -LifetimeId:a979a118-1e3c-44b9-b021-a2713b8c8f41 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
"C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe" /Autorun
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
"C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
"C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe"
-BootProc
C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Uzivatel\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Uzivatel\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443/ --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.1.4.197 --initial-client-data=0x540,0x5c8,0x5cc,0x558,0x5d0,0x61cfbf60,0x61cfbf70,0x61cfbf7c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core
"C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --field-trial-handle=280,3774016122768074908,12900879742998066172,131072 --disable-features=ExtendedMouseButtons --disable-d3d11 --log-file="C:\Users\Uzivatel\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.4.197 --lang=en-US --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Uzivatel\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.4.197 --lang=en-US --service-request-channel-token=14105899054705014595 --mojo-platform-channel-handle=2000 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\rempl\sedsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

"C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --field-trial-handle=280,3774016122768074908,12900879742998066172,131072 --disable-features=ExtendedMouseButtons --service-pipe-token=17446323380829619547 --lang=en-US --log-file="C:\Users\Uzivatel\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.4.197 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17446323380829619547 --renderer-client-id=4 --mojo-platform-channel-handle=3900 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe" /frequentupdate SCHEDULEDTASK displaylevel=False
"C:\Program Files (x86)\Google\Update\Install\{DAE20C62-2A89-4189-83AF-FA568F0492DF}\GoogleUpdateSetup.exe" /update /sessionid "{F870AB48-6FEE-4908-B8E4-E6C943609D8B}"
"C:\Program Files (x86)\GUMB95F.tmp\GoogleUpdate.exe" /update /sessionid "{F870AB48-6FEE-4908-B8E4-E6C943609D8B}"
"C:\Users\Uzivatel\Desktop\RSITx64.exe"
"C:\Users\Uzivatel\AppData\Local\Google\Update\Install\{AB9B3EE3-3E05-4832-968D-22E61C4613C7}\GoogleUpdateSetup.exe" /update /sessionid "{CDC95CCA-29FD-40E7-B6F2-3A88D155CFB7}"
C:\Users\Uzivatel\AppData\Local\Temp\GUMF918.tmp\GoogleUpdate.exe /update /sessionid "{CDC95CCA-29FD-40E7-B6F2-3A88D155CFB7}"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core.job - C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA.job - C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-20 204880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2019-04-27 3249952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-01-20 152104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30 245016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-12 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-12 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 176952]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2016-12-14 2776528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [2019-04-27 752424]
"OneDrive"=C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-07-15 1589368]
"Spotify"=C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe [2019-04-27 25901288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"=C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [2017-04-05 3581952]
"Application Restart #1"=C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [2017-04-05 3581952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-07-01 112152]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2013-12-13 85600]
"M17A"=C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [2017-05-10 77312]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2017-11-07 146584]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2018-01-19 2976256]
"BrotherSoftwareUpdateNotification"=C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [2017-04-05 3581952]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2013-06-24 2075480]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2015-01-19 35648]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2015-01-19 17600]
"PDFProHook"=C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [2013-03-20 641864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-07-15 23:37:33 ----D---- C:\Program Files\trend micro
2019-07-15 23:37:31 ----DC---- C:\rsit
2019-07-15 23:37:18 ----D---- C:\Program Files (x86)\GUMB95F.tmp
2019-07-15 23:37:18 ----A---- C:\Program Files (x86)\GUTB970.tmp

======List of files/folders modified in the last 1 month======

2019-07-15 23:37:46 ----D---- C:\WINDOWS\Prefetch
2019-07-15 23:37:42 ----D---- C:\WINDOWS\Temp
2019-07-15 23:37:33 ----RD---- C:\Program Files
2019-07-15 23:37:18 ----RD---- C:\Program Files (x86)
2019-07-15 23:36:10 ----DC---- C:\Users\Uzivatel\AppData\Roaming\Spotify
2019-07-15 23:35:44 ----AD---- C:\Program Files\UNP
2019-07-15 23:34:59 ----D---- C:\Windows
2019-07-15 23:33:43 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2019-07-15 23:32:37 ----D---- C:\WINDOWS\AppReadiness
2019-07-15 23:32:36 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-07-15 23:30:40 ----D---- C:\ProgramData\NVIDIA
2019-07-15 23:30:38 ----D---- C:\WINDOWS\system32\SleepStudy
2019-07-15 23:22:42 ----D---- C:\WINDOWS\system32\sru
2019-07-15 23:20:13 ----D---- C:\WINDOWS\system32\Tasks
2019-07-15 23:18:16 ----D---- C:\WINDOWS\SysWOW64
2019-07-15 23:17:22 ----D---- C:\WINDOWS\system32\catroot2
2019-07-15 23:17:03 ----D---- C:\WINDOWS\system32\Macromed
2019-07-15 23:16:45 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-07-15 23:15:21 ----D---- C:\WINDOWS\system32\config

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-04-27 77440]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2016-12-28 176064]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 82432]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 HECIx64;@oem29.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2019-07-15 251832]
R3 NVHDA;@oem21.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [2017-11-09 16936048]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-12 604160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 athur;@oem25.inf,%ATHR.Service.DispName%;Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\System32\drivers\athurx.sys [2010-01-05 1847296]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-04-02 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2016-12-29 102856]
S3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-12-29 43968]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_5b3dc;Uživatelská služba platformy připojených zařízení_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-03-29 9677904]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-01 325656]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-12-14 4317648]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 OneSyncSvc_5b3dc;Hostitel synchronizace_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2015-01-19 77336]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-30 338744]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2018-01-18 314368]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 651576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-07-15 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_5b3dc;Uživatelská služba pro GameDVR a vysílání her_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_5b3dc;Služba pro podporu uživatelů Bluetooth_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_5b3dc;DevicePicker_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_5b3dc;Tok zařízení_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-26 1432400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-20 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [2019-04-04 1268720]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_5b3dc;Služba zasílání zpráv_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2019-03-18 215120]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-09-12 5132888]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc_5b3dc;Data kontaktů_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_5b3dc;PrintWorkflow_5b3dc; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]

-----------------EOF-----------------

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-16-2019
# Duration: 00:02:17
# OS: Windows 10 Home
# Cleaned: 827
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Uzivatel\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\Users\Uzivatel\AppData\Roaming\..\LocalLow\Microsoft\Internet Explorer\Services\search_{EEE6C360-6118-11DC-9C72-001320C79847}.ico
Deleted C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\SEARCHPLUGINS\MAILRU.XML

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{100669E-8921-4EA4-94B7-1F8CB95D103B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{103F967-56F5-4711-B1EE-1548FAFEFBB6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10DBF74F-EAFB-4829-9BFB-B44CC1EA5AE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{112AC69C-BADE-48B3-8F63-9366A54BC34}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{112EFB44-3839-4265-8557-F997D41448A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11917C44-2FA0-4403-BDC2-FEA9BE6349E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11F5FDED-EC5C-4B00-8A1E-CDADB3AC2E8B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{121695B1-6F1E-4314-95A2-665290B84A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{121D031B-DFCB-47C6-A124-BE312F52785}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12365AA3-45FD-4EDB-8694-1B8061C8DC3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{123D2BEC-C0CC-411E-AA6-77989953CB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{129B580F-4AD0-41F1-ABD-C081577B9E3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12E9304D-D33C-45A8-BE2-C959F3DB3BEA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12F30F4-4A18-4373-A7A9-895244C4EE2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1374260C-60C3-4022-818E-D7B20D4108}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13990D43-9454-46C5-8EFE-58759B2D1F9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{139B005A-E73C-408E-8956-92C4265FAE12}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{139BE7CC-575B-4DC6-A175-441A67267126}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13A5DD39-E156-4985-A39A-B84F2923235}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13BCDC2B-7D19-4927-8595-82C04358E77B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13F065BF-C05C-429C-A8E-61902434928A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13F1961F-2428-42CA-8929-C46454BDB37B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1429E39B-E0D6-420F-B06F-9948B6FE59}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1479885-B470-4EF6-84DD-2DAEE19910E3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14E9FE33-CFEA-4EB3-A06D-8F9E1DBDDB71}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1540BE2B-E378-427D-88A-686E7E15674}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{155D1A90-CE02-46C3-A226-CE1E431027E0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15624D98-E006-4CD8-B0E-ABE1FCA5158F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{156B59AC-1E5E-4AFC-9092-E17FC7DE29F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15F32294-5F39-48E2-A516-D1999F6431}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{163D2A2B-787-429F-86F3-E1D554CB7633}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{164AAF-B56-44DD-941-74DFD28BEB6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{164C925A-D469-401D-98DC-588BC88DC3E3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16A25506-72FB-4C7A-BEB2-1BD9644B778E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17052322-BB16-4AFE-9E52-65A18E3AF068}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{170E8568-6AC1-4564-88C2-343F7B97A636}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17EFEB-EF9F-4332-A5BC-FCD2DFAFD864}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{185D3CA5-1316-43D0-BBA3-74B6DE52193}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186C2AFC-3F5B-44FC-9789-7244961C377}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18DA2A1B-BA8B-4E5E-A730-7595E966D4D9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1922275-FF4E-4883-A319-4E996F236FD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{193DFF7F-BA71-42EE-AF21-D4A77A358C1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{195984A5-CF48-45DA-ADEE-895D953806A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{198689B3-AF99-42DB-94EA-A3BA39D823}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1993BB94-99C-42F2-9437-175AA7419261}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A06F0C7-FDBE-4E55-A677-24E9BF9C14B5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A95A87-362C-413C-B896-34418EE86F88}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AB36244-14C6-4982-9B9F-35613CE2584}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B02AFD1-4E5E-45CC-811A-159621669577}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B528679-F191-4B41-BB1-4CD467481E84}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B8252-D1EF-46AE-A829-6B38EFB235C2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B8A9F48-2D58-4FAF-91C-48CE43F52DF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BCE8F6A-9810-4BCF-9615-21B44370D36C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C35D496-BB-4B0D-8F41-EECF44D1D376}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C8A73F3-1ED9-4357-8581-AAFA50A9394}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C95BC91-23BA-49FC-8F60-2F8B26477C92}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CB95E6F-6A2E-4855-8A24-8B767D568457}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D1F5D4D-2B19-4640-97F2-587EEC2B6E6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD57181-A722-4441-8A6C-AAB0C96D4FFC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E12D5D1-CEEC-4E11-8236-9CAC83E5FCC4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6DBC0F-E5D8-4495-9816-B4967F407CB9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EAA09C5-2BE5-4BC9-AC7D-A88BB6A96D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ECCFC16-26E-4C90-B01B-CB3C3E7F7EA3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ED52AF-72B-4ED4-AB6B-3AE44BE737D2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F0001C8-53DB-47BA-97D0-52929C6D5C8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F0126FD-E4C1-4D40-8EB4-25B2BDDB0D1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F713F6B-C6B2-4EC1-9C4D-971D54EF3A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FF1B8D5-FF1-4161-BC3F-6F7E322AABFD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20686006-17B1-4343-A846-F21CAA7A2FC2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2078001-E022-48CE-87EB-4A64A04417EC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20BECC8F-4F2F-4FE1-83FE-3873BE6164A8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21C30348-849E-45A2-B4B6-70429FC35A47}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{222A80A6-ACC5-4027-99BE-C6690AB5130}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{222AA44F-DD9F-44AA-967D-E8BDADF7571}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{222FC178-2A73-460F-A245-2257562A7B9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{223AC80B-84FD-40FB-BAAE-6B57C8FBB19}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22A8EAE5-CDB7-4400-98FB-FA653732023}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22ABD1DC-3AFB-4EA3-A568-25CD5E179AF2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22EBC8AD-6865-429D-8C23-AB0FB3ACCF9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2325E5AA-C736-4812-9BF-FD338A7DD327}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23ACE727-67FA-4562-8FD1-2B94B8B37799}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23EFCE92-A834-400C-8FAF-535378CE933}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25881B1F-D824-458E-AD1C-849B991B8B2F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25BC5DCA-69F-4623-92D7-C4C66B57BF3E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25F7326-F928-40C2-B6D7-D72715F371C1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{262B3404-116-46A0-95EA-DABE80C44FA2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2654A4CE-150B-4389-95C2-7F37CFA8D33}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2664293-C13A-4C41-84BA-9F756942D4D3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2727FEBD-F8C0-4124-A817-AD2A2D45AB3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27609E85-F7BF-4329-A09-AC92D0E4CEB7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{277D5F17-3A21-4574-9BE4-E9CE628C0C8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27C9591C-E6B8-4367-B53E-21EE8BFDE7C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{282EDBFC-7AE3-4F82-B77-189B34B5981}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{283D0873-C368-44A7-BA98-798BD54BA4DD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2879EB64-376C-427D-872-21E74FD536C8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{288D27A5-CF1C-4AFA-8F46-9C296B3E199C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{291D235B-A5BB-40C3-B0BB-FEB71061E95A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29D7568C-257E-4F41-A564-A936A06FAA43}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AE7A330-A034-4BA8-8A87-165C14C3E7B1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF90697-8D2B-43BD-81CD-1912D25BB8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B3441A8-8A0C-497F-8FAE-184B32D151EB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B864FEF-E3F-4D1A-AC8A-931324D8DC6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C1C7B98-98F4-410F-ADD5-E223EF4766C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C3CEA08-EE97-4FFD-8428-4733A1D1C15}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C66AA29-FA2B-4AEC-871-EB9FCC2E099}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CAD7AD-FD8B-43F9-94CE-4AB0B0F5E9E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D131698-FCD8-428D-A36F-7B68275EB176}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E1493A4-76F0-4D8C-8EE-B941AEA7654}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F773763-18C8-4769-A36A-34A77A94AFB6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FC3E816-5EB4-4D7D-AFD1-166DE2879CBC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{301EA707-3931-49EA-A697-FAB07737E9D4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{302DEDB3-D6A7-4C86-8B54-6FABE7AC5FD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{309C6A8D-456E-42FF-9E55-B6EA84E147B4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30F9A1A5-470B-4A78-86F4-B0D94EB79637}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{314B2179-3AFD-4405-B74A-A21B91BD13C4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{315F382D-5F3D-4135-9378-A5F54C983A92}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322CE256-D45B-4BF5-AEBF-2B8F12DDE9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3243C0E8-4BE4-4D29-92AD-84AC6D22E969}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32816BAA-BDD4-49B4-A7A8-F33153751B51}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32D1D394-A8A-491F-AEA6-3FEE436A83F9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32D91359-B535-4FD0-B281-9D962AE9D0EA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33297C6B-5E11-4BFA-BB91-A5263033A0E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33EB86BA-3882-4C50-B51-1E13D78DDB8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3424BCC0-D556-461A-A3B3-13B47F9B45}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34373D62-D6F3-4D6E-9134-27CFB72E4E19}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{347EC25D-ED9B-4B11-8D3C-B21BFC37C31}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3490C757-BB4D-4732-83EF-EC63E288F387}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3497B4ED-18F7-4AF3-8F28-ED27EC3A333C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34A3915-5E12-413E-B6B2-43CBADFAA59}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34D790C1-E59B-4DD8-A718-4628BC56F1E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35205156-F565-4C98-B7D-5E3499DE8B7F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{353D85C0-A298-4C5C-9E39-CFD5A7B316C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3566BB84-8631-4CA6-8978-1A1F143F5891}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35FEF277-5388-40F8-BB47-D9EFA14CC1E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36161975-E186-4313-82B8-A6E78B1C30BB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{367C251-682F-473E-8B53-941D64416AD3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36A74566-FC4D-43E6-B164-9CCAF6B25445}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{371DC4D9-8F35-4294-9C1A-E3E38C6F3461}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3769813B-E935-46A1-958-80E32A7D65E3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{380EC6D0-162-4E73-8A20-DDE932998610}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38379684-53EF-488C-9348-7A34B0DDE39B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38B17018-AC77-44CE-B1E7-98C7063B055}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38D84E82-ABCE-4539-AE1F-3DB1786B961}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38D8977D-8698-4C3D-89F4-E40BFDF32D4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3989029-FFBE-4DBB-A6E4-F164DDE8757F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39EA461B-41F9-4EC7-842A-9E85EEA76B2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A3B04-730F-4F0D-92C2-124716FA4B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A858FD7-3478-43B1-85DD-BA17433433E2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A9805C4-1698-4FBC-9A8D-3F7DCC162A9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B4ADBF9-ECBB-4C39-BFA4-A5695A4341}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B5B5145-E9B7-468F-BA69-9787A3FEAB75}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BBB98F6-61EF-4430-BC60-B38155465FC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C0F6229-19A4-496F-8BF5-A621FBC5F7C3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C5C4327-F732-4F2E-8F3A-399FBC28F837}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C6C61D5-33E-4A45-80CD-72C927F9D028}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C75038-EB54-4C27-AC2-B2214FC454C9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C9F0AAA-7954-4716-B737-238F86A6EB7D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CBB4343-1443-4C36-85DF-9DFE4A3651A6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E3167FA-181A-46C0-A474-33F6DC686A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E5B333A-DE4A-414A-AC3A-B0318F889D5E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E8CBC08-9C83-4346-AC80-F9EABB8457A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EBEFF41-F525-4BC6-B7EB-2149BC6BB77F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EEB3A98-8D36-4431-A1DD-86E4639D3F10}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F41B260-4861-4EF5-AC1D-24F0C02E324A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F4CCC9E-9880-4761-B20-E27A9B55022}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FC4111C-FAC0-443A-9B90-EAD7939518DA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FC67D9E-AA4B-4AA0-9C32-71DACE2FE522}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FC85555-7E8B-4C0B-B7A4-ED5A0ABC0B7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{401F45DF-8EF3-42A0-92FF-55194FB76E84}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4024D73F-563F-4CD0-8C6-86267D3C3340}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{403D64BE-68AE-46B9-B61-FB5ED584F417}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40A2EDEA-A18C-428E-A1C1-963AF3A8F0FC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4139D5F5-D4A8-4974-A1AA-3CE21FAE253}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4180E3EC-E313-4916-BF9F-13A9A5FCC95C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{418A04E7-8B88-471F-915A-7E896B918F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41B7EA3A-DC36-4F9B-A4CA-4BA0DE4CAF9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42136DE3-2C05-4E50-AB82-DBB6F1F6D9E3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4246A531-79CE-4261-AC31-E0D1B2656E9A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{426DC109-2565-43B3-8EC7-2E12ED1CB35}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{428CC5C1-1DCB-4293-A47E-F130A282D518}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42F9B56C-65C2-440A-AD27-77A49826BEA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43DF9EFE-5B4B-4FAD-81D8-6DCD3522D652}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43EE1DF3-B8CF-435E-AA61-82D94D28DD58}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{440053AB-D35F-4554-A7FA-4136B685DD1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{442F6FE4-835F-44F0-B896-BCE02F556AEA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{443C2F4A-2DEE-4D1B-87C2-E13997E2969}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D43F9E-DA-4575-9CD0-3F30EF3D2755}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4537ED6F-38C-4A29-B558-32765D74F2D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{464DD1CE-37CC-443E-AFA6-2B461AAE5D6A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{466F6EDA-2190-441E-B814-5B414B6ABC13}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46861AE7-2A5A-412F-8BC5-5CD098D77B1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{472AB1EE-DF7B-43C8-8ED2-76D5413FFA47}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47403470-7944-4BB8-833A-CA7D4F639486}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47B8A22E-2E5A-4936-9E55-C73A84DE5BF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47C98573-277D-4B7F-8A79-1788316C73F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48A37019-979F-4D29-A7B2-AEEF0A6CFF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48EAAF67-C868-4610-9FC8-F6568E8B131}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48EFF385-F66B-43A9-8812-A41FDF41B69F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4921A06-37A6-48B2-A79A-E57DCC2F66BF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49A5B831-FA54-4F49-9DDE-AEBB63B3DAC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49C6E82C-C4D0-460A-A8B7-B533CD294A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E3C440-D194-4F80-B57B-FD18B37625B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49F044F5-E766-41ED-96F8-9A8B800B2A1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49F25CFF-9BE8-4C25-85B1-66E01B2B122}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49F74F69-F2AD-482E-BE66-F91AA0FB7121}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A151453-9FEC-406F-A45-50486F3B8E62}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A91320-7B4D-4790-84BE-A2958FA235B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AB37247-1EC6-4869-AA6D-9FCD41A8165}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AE1CE6A-EE0-41BF-9C2A-4020C338A78}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B086D3E-134B-46C2-872F-2A9FFD2C3C4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B2937FC-FF27-47E9-A573-663A7749ADC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BC3FDC2-FD40-4317-B4F3-5A3F2CBE8C3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BF29129-5E89-4255-96EE-5B559DFEB6AE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BF2F713-78B-4BB7-AA6C-69128BD961D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D87749B-4194-4A55-8FC7-17A2BA5BB76E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DF1F485-16F8-4D56-A123-E96574737BC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EA3DAC0-E89A-44F8-BD97-103CC352BC9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EC10D0C-60B3-4A78-963B-F0ABF27DAF73}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EC9E3A2-9172-4106-98D1-8B2B1F2FC070}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F32C871-8808-4D7B-84F0-E92089BEF562}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA36253-6539-4A03-AD1A-E48499FAC0F3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FF6CD51-5610-494B-8E8F-CDC8C21F469}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{502CFAE-4F8D-444A-8CF7-284C48D4F91D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5052DC7E-2E95-4473-9EA-82CBBFF28C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50BCE18A-CEA2-41E3-9373-5A3E941F4CF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50EB9C0D-7CD-42D4-8FB1-EC7D54D3D758}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{511052C6-C7A6-4512-A1BE-97AF471EB726}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5115AAA1-DBBE-4373-94E3-66BD75C58FE0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51468D42-CE5-4201-BB28-C45D74544450}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51946E81-9518-4A9F-80E3-324646EC566}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51E36344-A01A-4A4D-B2BD-BCD9BF54511}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{523B9F78-954-4587-81F5-54D858C4C8B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52458E92-6BE5-4659-AE6D-FFB33154A3DB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{525049A-FEFD-4243-B2D3-57A821EAB74F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{526A9306-7D33-4585-AD9E-8E54BB398DC7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52FD4479-9F3E-433C-81F-D43E86F6E06F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{543A31B2-9858-43C5-BC8A-53DE75938CC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54BA2A01-90E0-4A38-B852-ED41C009E18}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54F1D011-274D-4908-9863-5998FB702FE0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54F4CDD2-B905-4920-94ED-6E1B6EEB47A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{553DDDB5-DE6E-45F9-A09F-7FF5CF7EC43D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{559AA41C-EC70-4655-9C60-522F4655206D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55D441F1-534-4AD7-87DD-C21FCBEC487}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{563D25DF-F7C-475C-9F5A-6E82D9F1D7B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5657BAAD-BAED-45EC-9FCE-72D4CDDBBD67}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56937361-2F76-47E4-9381-9BCE1D97CB92}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56C4B5FD-7BA8-4894-BEE3-7E29422C5B56}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5731CA0B-4FCF-4E9B-9C4B-3E49FD2AE4E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{577D3F2C-2BB4-4B14-8536-FD686C72676}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57A3BE93-35D1-4F2C-A8F3-BF71EDF073BE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57E4010F-D2CB-4A69-8E0-9B64FF2B10ED}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58CDDF6E-9F23-45CD-845-89E52539D6E4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{592B3DF1-449-46DC-B692-7397E84BA741}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5956CA8-7D44-4E41-8BD2-168CD7910CE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5957C74B-21B4-4683-8F7C-4BCEE2A6D73}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{595C336A-32D9-456B-9F71-DFEAA7F68EB4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{596BA40E-6352-44E2-8420-BF4B74B63B19}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{599BDC96-A6BE-4E90-9EC-D1E4D2F743}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59DF9911-BCF4-48CB-B5D2-37C692C69291}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59F0BF4F-9519-483A-BB33-83288D8EB1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A22F515-3090-4C1F-9876-6F2A847D11C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A2EF8BA-8767-48B9-B03E-48FB43F2C17}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A4E4A5D-EB2D-42B6-9416-B486BB512CD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A74EBC4-CFFC-4451-8335-CB2C3377C31}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A8C353A-7589-4E31-AC63-211AD2B31542}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A8D1E-E36C-4C18-9DAC-A9E1DCA1B1AF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B1E93AE-323D-478F-A623-3287A62A7A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B1FED43-AE4-4F0C-98D2-71BFA703D7F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B34F10C-6035-4927-93C8-26F64A4B7CC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B643500-ECE1-4C1C-B960-E075B8AAD4E3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B852DA3-61C4-4317-A39E-DEEE8E7F13FD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BB84CE-970E-4CC8-832B-B65ACB271EE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BBC8920-505A-40E2-A9DD-C34BD618868F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BC99D59-49B3-4688-9FEA-48437BF1F42D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BDEF0B3-1808-4770-8FB5-1F255E1823DF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C505044-33DE-46EE-8C50-6FEAAAA8D752}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D32A28-C8C7-4932-878F-CF4EF791759}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DC7E0AC-8002-4FAA-ACB0-2FF8FC95F4E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E8F3053-EA63-4773-8422-584EF2A320BC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EDF8C9E-D881-409C-A5A6-96DAD2A9882}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FA36C01-E9FB-42F2-BB31-99B2FB1A579}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FB98BB7-C96A-4604-9D95-781B2D43C6D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FE3AE82-E58-4409-A6A8-288F53522F74}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{614566AC-DFF7-4532-98C3-B9DB62254C9B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{617E8D1F-3F98-41D0-9F3C-341DEF377066}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62238C8-C733-4950-89AE-EFEF52883AC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62348E6F-DD3D-45F1-95E-6861B6EDB4F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{627B28A-75E6-42A5-9CA4-5DAA4EC42EA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6283B2BE-1D74-4695-8773-CC89B8EA3D0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62866D2A-14D3-46A6-99F6-CA95C7809D2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62A03504-10B6-4EE3-943B-6FBAFCECEA7B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62BE4B63-BB12-43FF-B757-1C6F87E08E13}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62CBEDAC-DB67-421A-9EE-602ED4FBE438}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6313B6FF-5AD5-4649-BF73-2A206DA980C1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{638E25F2-8EE1-415E-A52E-471F65B1DF31}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63C93125-96A-4419-8BF-D025AF2F9980}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63CDE135-CEBF-4D8B-A8B5-E6083B7D6F4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63EC778A-297-4A5D-B7CB-684B19B2B289}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63EDF330-DD16-4445-9D5E-CCAE215AADC7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6421F786-D3D4-42BA-9750-D1ABB85D7FAF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{643E3FE0-826-4CEA-8D67-99401894A86B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6472CE8A-4172-4F95-98F8-28EE634C5062}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{648D68FE-E41A-4900-8235-7245CDBA1F5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64EE60D5-F96D-4D77-AD33-ACCC4473B64}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{650D2AAC-9207-4681-8D5F-FF13F91B963}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{650FABBF-DA8-4403-B33-175872B9F0C3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{656A2C17-46FD-4D08-B34-CAD5DA969DA1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{656AAFA7-CE86-49A4-A67-7E11F811322}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65CB1CF0-86B1-440A-A41-6B3D13FC8964}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65EA102-6D84-434B-B715-8A72878F37DD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6632CEB5-372D-4D12-A943-8AA82494C721}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665B2D7-D522-4B47-AC7A-D97BE825FBB1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66883EE7-FF3C-4158-B757-3578343EB68}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66BBA6A9-B9EB-449B-A38D-7F1A9B174932}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66DABFAC-6164-4784-8C7C-AF3336132F31}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66F2E42B-6993-45A0-AF7A-8640CB825E74}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{670BC35C-8AAE-4422-85CB-598D37924C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67364E94-B554-4907-B3FC-34487FA94CF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6737C379-DFD1-4F87-8A44-4E865CFC674A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67B1CF-BC3B-4DC4-86C8-42557232A7D3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68128746-895-4AF9-8893-FB97C7BA9223}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{689FB3CE-8F36-42DB-B729-A23069F0F9D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68A3ABC9-3E79-42DC-A5F-B124EC19F68}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68A3B392-6094-47D3-8D6E-32ECD337E0BF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6915FA8D-FA83-46B1-B2B8-BCB4D098E82}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6924BD79-27-4676-857E-4B9ADC59BB1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6937405C-1B56-4ADE-A9D6-2FD925AC179E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B1CE036-6007-4170-916C-3E7F892BAC3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B268327-10FA-490A-9F72-C15069661E7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B7DEAAD-755F-4A1D-AF3-A9675FC13CAD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BB4C53D-4421-4BE4-AC3-4B5479A3758}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C777AAE-E94-4D8F-8D4C-147422E205D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C91BFC5-94DE-4450-B18E-8ADC91C14CED}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CA7BD46-765B-4DD7-9A41-70FCF15ED3F7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CAD2593-DAB-4ED8-9FE2-D7758037543}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D43B9E3-CF51-402F-AFB5-EBB775BCD1FC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E3270F0-B17C-4DDB-A441-17E245BFC26}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E9BA4A2-C477-429A-BF16-505C73B0F19C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F50D932-13EA-4236-AC4C-38E70A1B52C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{702EA8AB-B556-415A-A56F-BC88332428E5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70663C1-5F83-4E8C-AA93-56E81B0822A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70B725D5-CEE6-4872-8FF2-B8233CBCA48}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70F1EA41-27FF-4382-AF4-CE1E4481CBCB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70F98587-32FF-468B-8E5-4CF8D5934F3B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71B643E6-161E-4360-9966-993881A5356B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72741A98-D107-4CD2-8A91-18F9AAE3578D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A43FC9-2222-4463-870-20ED941853E5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72AFAAE2-5160-4517-87E4-543EF777886}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72BFE81D-BCCA-4396-A59C-26863745EAE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72E4F198-9341-42C1-923B-742F38435E3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73E58F2E-DDCE-45BB-B4D1-CC33D94E648}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74AF64FF-465E-461E-BBB2-0F0436E696C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{753D618D-EF9E-4557-AAC6-566C585BCBAB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{758D392B-4267-4253-A8E3-DC1CF43EFFE7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75C0DEC5-7817-46DE-90F5-63730193A61}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75E9CBD3-4A1-4350-A863-B6EB453AC550}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{767C3338-3783-4201-A1AC-9D3B9370C52D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76A023CB-E838-440C-A8F5-4E747287B86}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76BFDE1A-EEA-4958-A16C-B4CCB3BA8468}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76D2C525-A5CE-422B-9AC9-BC43916F43F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{779AEFAD-DE0D-4883-A0B2-36F63BE8263D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77CC9BC9-3DE7-4D76-82B0-4013D9C8491B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77CEB9A5-F735-4A0B-A5D1-AF66D8FD618}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7843F3DB-D313-4519-B41B-874FFBFBFBA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{784DD1B5-B5F0-4104-9B58-C453DB66D8F9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7893CFA9-D552-4244-B3AC-5B8C7F56FA5F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78AF4F64-52D4-4767-93AD-264199F2E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7925AE10-15B-41B1-B37F-45708CE26522}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79605150-A246-413A-AB11-CF569B33FE9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{796B9EA3-EA73-4363-BFE0-5BA2F56EE67}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79B4C6C8-4B91-4840-8076-B8DCE636886B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79B79EFB-2BFF-4B0E-9E87-A773ABCD74A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A256703-CBE0-4ACB-AA27-8A8B363FE4C1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A296AC8-1BE1-4FD7-BA7D-C0D846D4BA3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A947E2-3253-4288-BE59-57A08B606473}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B8CBFE6-6019-4EF2-9FE5-DF4655651EE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B9A0A9C-2592-432E-9350-651D34E41EC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C4FB4C-90EB-4CCE-8455-9D4DB6645E8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C74361-135F-4D45-8845-6EB69B2B1768}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CAE52EC-F2E1-4EC5-AB76-6BB8B96C228}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CF01482-1FBC-40E8-B5CD-1A56129D72C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CFF7AC3-307F-4FBE-8AFF-DFEE6F791AC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D17C41C-AD57-4BE6-A569-E91848B15E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DA228E2-3EB-493B-8275-4A1858CBEE8D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DB6E7DF-66F-414D-86F3-ECF110AFC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DCBF1CE-1D55-42AF-8D57-B74E3CBBB2F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DD6106E-9F8F-4080-B71C-59AC8C7D6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E1F410E-CBAD-4780-AEE1-AB7851DC81F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E254828-3264-4BB1-8B48-84ECE322B39}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E8079F6-6659-43ED-AB8A-E2AFE3BF237}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E9A5846-861-4803-99CA-1220EC3AE5EE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EAD4F40-A47D-49F1-A0D0-F8489B49B099}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EB2781-D9F3-4B32-8254-996AB8919F16}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F2B2D14-802C-4E7B-A3DC-57F9DDBCDD9C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF764BC-4B59-41CB-8B99-BB5A9185DCD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80DD0491-F407-42F1-A56A-588091F0C4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{811C302A-340-4F27-A62C-EE7F12BD8344}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{811FB955-41A6-46F1-9195-A39974384AA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{813917D4-8531-485D-9822-6677D9A54247}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{818D6916-EB50-493F-81A5-D7D6738542}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{822C3BA5-5131-46CB-92F0-6293B038AC9F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8237DFA1-9D7A-4C31-8CB1-96B7737D516}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{831914DE-E011-400D-B397-73996F67DAF1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8322F12E-48EE-44AC-9AEC-8DA161F1DB15}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8344BBC9-9617-4CDE-B766-6E7B63D0395}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8359CB65-50D7-4568-801-101F115FFFD4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83DA612D-89BB-4989-B23D-538E9C492C51}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83E4E181-2D80-46B4-A9EC-573D75133311}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{843AE7AC-9D64-4040-B01-7BADACA0D3AF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84D4BFEA-EA44-4504-9B60-242D68E8AF5C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{850E2E2-2F4B-4460-AF8D-CADCB6E1800}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85B449B3-BCEA-4149-9A5D-92E925530AD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{863D7682-79E9-4155-9194-1CE8699C6085}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8641792F-A9D-4E55-B29B-577BEA874EC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{865D8028-6CAB-468E-AA46-DBBF8B13384F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{868CB706-8580-4D44-957D-C88C1718C29}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86AA13D7-2F34-4C75-90B4-C3D8B3E65343}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86B494DE-EBA-4E3C-BD7A-32E2E036592C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86BA9AEC-DC2A-4EAC-906-52AA464C863F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{870F2230-A74E-44FB-93D6-B3855D89B1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8773B0F9-4B9B-4841-8BA6-6214E340F015}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87B1459C-FF46-4B6C-BADB-726B3B0C777}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87BAC687-EF-4233-8DE9-3B24363FEAC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87F3663D-7345-4B59-A77C-2CE0CF7A35DD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{885450B6-F323-4D35-AC52-3BFFE06292D0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88909401-D954-439C-BB4-7AFE143E176}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{889D8509-5F0E-4B7D-B272-7A8CB7DA77E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88ED2E4B-9E9D-404A-AFC5-D8D2BF17BC1E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8941D252-7EE7-42DA-A5C7-CD6EF061F52}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89FF5AB4-405-4627-9E5F-423B1C8B1889}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AB56B50-4882-4348-88C5-1396501841E0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B850F6E-D676-4C7C-B9B3-CA4F105B7E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B882188-BBC1-422D-9CF0-BF59CCED537}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B9E533D-9281-4476-9ADE-79E6DCC1454}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BFF193F-982F-46DF-B3C1-23071D0F631}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C189F2-FB4D-4397-977A-BEC4BAFC79A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C2DBD12-FB54-45D6-B264-B3BA16CC3383}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CBAC185-D4B7-45D3-8A85-BDB4D8E1D14}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D20CE23-C26C-4F3F-BCDC-8FA44BD5B7FC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D55C28F-745F-4B32-BC91-E07DE69D5F69}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1E8E53-CAAE-41E1-952-FCE59748EC4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E5AB3F8-E2E-4093-82F3-51679B75CAE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E8008B9-D44A-45EE-AA67-A731C65DC3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EA3112E-295D-4178-9DD2-1B1B45A63C8F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EE85148-343A-4691-AC1E-9A5C52319B4F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F10F695-2F78-4766-AA7F-A15BE8B21715}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F515081-DB93-4F83-B944-15ADFC11611B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90E1079F-D11D-490E-905F-D2FBBDC71B56}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91B702DA-1F15-4D4F-A6BD-73C9F6EB908D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91EF5D86-5B33-4CDB-AF73-22119D5978A7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91F8BACC-8BAC-4F51-B2E2-C65518BE6A73}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91FCDE5A-16D5-4C40-B197-9C11E8D3389}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{921613E7-D36-44DF-B28A-D5ABB0375F9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92348B1C-20C-47E8-B3B-C7772DEDF427}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92BE67FF-74E3-46D4-BDB2-C086B8D047A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92C4402E-FCC9-45EF-BF5C-30957B5BAA54}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92E5A46-B8FF-406F-B72-E03CC2CC7952}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{937099FC-8355-4E2C-81FE-D0354A3CC1D1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DC8568-ACD9-4833-96DE-1A9C82A2E836}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94356E02-F3F5-4349-B450-BFACC00E834}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{944210A0-93E4-4DC3-8C61-49F45550E6A2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94A30963-1FF7-45EF-B6FB-C74B8CCAFD5A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94C567D6-5B40-42B3-92BA-766E309776F8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94CA117E-CD2D-4E2F-A57-3F42E56D7F9D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9566DC8-F2CE-45FD-9845-8B7C67F5487A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95721B8A-3669-4D0E-A667-EA7BE6142E10}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95761883-B404-46B1-A085-D41F3A13B39}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96287C7F-5504-45DA-AE5-9FD50D7AD83}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{963EC9F-52E5-438A-96E6-32A5B7FF2D1A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{964D65C1-FFD1-442C-B7C9-36414BDAAF6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{965073C9-1C96-4B8A-A1EF-DAB687F2A15F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{967D1B01-79EB-475D-8469-40EA690D5D1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9694CEDB-88CA-41B4-A5F4-DCDFB040A1E7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96B1253B-78A0-4587-AAA2-33646A29BB47}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9749EF96-1FE1-4BF1-92FF-FB8B1D5B487}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{978B8CFC-BF90-4306-BBBC-BC53E63EF92}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97946DDD-986F-4F2F-8CC2-9057F0C6B1F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97BF25FA-958B-49B0-8833-BFD7F12B61DB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{983EDC4-7EA1-406C-9974-A0A28FD5CBB1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{985D2A0A-D38B-430E-A0D7-47A4D4E2E154}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9903BDB3-DC25-41D9-9D29-3D746F7F7887}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9947121D-3A19-477E-984-F3577B99A1A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{995DFBA3-94A0-4B93-8D4-7056B1D11CBC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99884686-5D1B-4270-951F-218E4659F7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99A74FB-2D7E-4B85-8310-FB45A26A5216}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99EC19E0-B06E-488F-8C69-B2F3DDB2969B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A5CFE49-D25F-47DE-8A5E-C41BA44B60A7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AA2DC68-CFE1-4C00-ADD1-5038F8683F6A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B7D4E37-6273-429D-A9DE-52D56D55A15E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B8E5D49-D7F0-48C4-B850-6F9163673F89}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B934212-187D-4ECC-AF62-A3E53890F941}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BB1999-9F34-43DB-B3EA-E1F6E3FC3F3E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C047B6E-2FAA-46B5-8C89-4DDFDA7F6A6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CC74CF1-670-4D05-84E5-ED2A688DACBB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D3D30A-51F0-42C2-B4CE-1B2387C4F16F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E0096CC-6786-4657-987A-FDD53BFF7949}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E33C5A7-35ED-4589-94DC-247668E5371C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EBDFB41-2F04-4760-8CB5-33F5A6EF5A3E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F4DF572-BF1E-4840-967-F2C95D4CFE6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FC0D605-BF88-4779-BEEE-863D8F6D437B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0260684-2832-4D28-88E8-1DC3CFB3D44}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A02DE1-91B8-48CD-8EA2-42E7F4747CCF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0788FC2-F3F3-4278-8015-AEC834C32A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A07BEFA6-9F25-48C7-8A37-6E1EF71F16FF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A08E2F43-1BC3-4359-ABDA-7865D8F71D20}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0FBAC3D-9782-490E-AEBB-E23A1FC8297}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A11528ED-A381-4A73-AEC9-2261B8F03B26}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1AD3DA3-13E0-46BC-B493-E4B980E5883}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1B2C6B9-5BB1-4318-8CC-3ED2DD1E75C6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1C74B46-458E-4A4B-B628-64AE7AF9413}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2BBC8CB-47A-4C57-8B7C-B3851F952B7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2FDC3BF-8BC0-439B-A5A1-43B380F4BB43}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3A98BFC-62CF-4DC5-A4F1-396672914794}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3D9475A-174A-4025-AE71-16C705DE186}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A418ED8D-8AC-4D45-AD16-70E60A394AD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A465907B-11DC-47F8-8469-B1236701EE4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A47B4BBB-1121-43F8-972F-83FEC7C1242F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4F6971A-C4A6-47B8-8D4F-8491ECA36FE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5484B5F-8886-4DD5-B93F-224A9766E85}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A549D787-2178-436B-BB6-3EFBBFE1D69C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A555E50-2E7-44F5-90B2-841E264476E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5990181-45-4FD6-BE59-34756D7B01C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5F0EEB7-AA03-491E-B8A-6AF8BA795335}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6EE6C5C-E381-42D6-952B-DBF1ACB87B1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7020C9D-A0E6-41AA-B721-1A4BDDF725E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A72C9684-DAF8-4D17-9854-7F6F7366BF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7AF9517-4D24-4778-8DF9-D531384C4ECA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7CBA9F7-89C1-4B75-988-7E1FDA16A22}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7FFAE78-EE66-4C33-899E-DF116AE9CD3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A820B598-B6DA-4999-8890-5BD5FF1FEE9B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8282D69-9EC9-4DBC-B21B-DD35CB48D040}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A82D47C5-BBBB-46D4-BB49-41A21E3EA3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A83423A2-844-4C94-9068-95B51FEE8150}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8CF896F-AFDD-4785-A4AE-E315BF83AD31}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8D94917-6A70-4E27-991C-D3BE7EADBCAE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8DDD965-24C5-4A02-AE42-ADB5ECE9E9E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A90A05E4-858-47B1-8B7F-EDD2DE0055}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A97233EE-5733-4654-AB21-2C1381F2B02}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA70DEF1-271C-4FDD-8430-F719286B3B83}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA719565-782-4B0D-BFC2-12D031425697}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA7F06C5-F629-474D-90C6-9ABFF56B398}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB291AF-3764-4EB1-A344-EF953CED51A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB2CF2C9-5E18-46C7-944C-9E539D9B8870}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB33326B-9A65-46E1-970-54126AB166D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABD39B8C-652D-450C-989F-B1C93AE1A27C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC2D34BF-5D99-438A-89D8-8BE1D9DE874}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC3EC18E-5E9C-480D-BCC6-D7C4972246E4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC6ED4FD-3087-4F5C-ABFD-E5117D97524}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC83A146-D30E-4C72-92BB-3C879CD865E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACBD6C74-60D1-448A-8679-AA413140BD7B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACFBBC63-4710-4390-8BDE-FF02586333E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD1F5355-D82E-49D4-AB92-6CE678598ED}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD4BCF26-AF41-437A-BDA4-7F4C4CDF3AC1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADBC2D69-594A-43A5-A31-EB691218D58C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADF60A11-7833-42C4-893B-B6BD4EB189}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE910B7A-2F7B-49D8-BA5B-59A2CA113F1A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE922EE-E9E1-4836-9C6F-91EBF11A8D8A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEADA1D0-69FE-49DB-878-C962A77293B8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AECF00AD-4026-48F8-8372-E8D3CBCB657}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB03687-C90A-4E81-8BF3-E1BF6C8CBBCC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B03DA6BC-B6CC-4C1F-AE9-C4B198C7F6A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B09C1FB6-E86-445C-9631-3E90FCF447DC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0AAE18F-E70A-4630-8163-5E7715AE6158}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0BA1AA9-A0A7-4051-B6A4-267807E1956}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B129B846-56F5-4771-AB80-AD26EC936911}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1BB5450-6A79-42C8-BCCF-53095DC4E38}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B26D3B3E-DA1A-462F-AEA1-495D87D687A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D64762-AB29-4850-9EC2-B528B134EB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3997A5E-1D7B-46AA-9FD6-40FAEEFBC678}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3A32DB1-C8F2-462A-9A6C-85ED51638040}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3A4D444-DF2F-4717-8F71-2D30508A68B9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3C3753A-2C8B-44BB-9894-ADC9C9D19C6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4A790AF-FD8F-4221-B013-31919859FF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4FE4D2-8EEC-455A-BB8B-FC66B68394BF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B513058E-75CB-4009-BC44-80AA5D2465BB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B52B07F4-9800-4133-A4CD-EABD1F73A55B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5341D0C-591D-4B85-95E4-D6A9C2794252}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B53D68DC-72AB-4FEF-8F12-AC398A74427}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B599C9F6-CA2-404E-A315-F6425563C375}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7700AD0-81D3-4B79-B4AE-8DFF7168E66F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7BEE85-6C33-459A-84E2-7BF51E20F342}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8676382-DED8-422F-BEA9-A6C71ECB3EC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8B8605A-8CE5-4431-B3A5-15D7819758A2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8EF7C7-E1F5-47ED-A092-28F5268499B4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B902433E-7893-43C8-813A-75E01C91B7A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B909F285-A354-4A47-B5B4-F120A99E59BC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B90E05D1-2697-415A-8679-7DE8AAF77627}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9100351-2740-418B-8E74-11CACB96E9A2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9826E9-6B9B-46BE-9D7B-9A459F4EE6B3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9E778D0-E9F1-4F14-AB18-387598F45EE1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA693925-F89-4A0E-9C9B-702445A97D6C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA753791-4B5B-4662-8E4B-3C487A823AA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA9C6513-3A94-4DC1-80D6-6A2426A13E9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAACEA7E-9810-45B7-A5DB-89890F5B1F3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAEA7CD7-7081-4CF5-B8CD-C15AF28C28F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB37A930-FADD-4674-A6D8-1DED1098494E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB6A51A8-F6C6-4A68-BEAE-4D77616D5515}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB6B0CAC-BE92-447F-B030-B5931EE9CBEF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC084006-BC9E-444B-B79D-22DA5CBFFE36}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCBBA1A-2A6-4605-B222-25795372403A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCE7D931-59A1-4FA6-B47E-B5A87746D13}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD2ADE31-8EBD-4AB7-80BB-FCE1CA785D6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDD3BE7B-C453-4719-A173-BE414F28F1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDF2A6E-DDA2-457E-B0D8-589A661333A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE3AE8FA-F3F8-42B7-8088-5943F6DAA8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE220F-38BD-44EA-8126-DA4857FCD9B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF158341-436E-4CDD-8764-85AFB35681BC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF1FE3D6-AFA3-478C-9289-B327566F01D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF97F74F-59BC-4C35-8B74-AC6DFB2782A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFB22FBE-8809-41A7-801C-CDA656C6DF52}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFFFFBFB-2E11-4227-804C-C0B7A2C265DA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C02EA02D-DBA4-49A9-8632-FC8A0ADC081}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0C3C3-12F6-4FD5-9014-E083954E84EA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0DE914D-5182-46F6-AC24-297E90ED7CC8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C11123E1-9A3-47C4-868D-DCD441124447}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C16BB2F5-A3B6-424F-A28A-9A92AAB94C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C18FA7FE-391A-43F9-98C3-87EA044C0EF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2274C92-60E7-434D-B5D6-D5824BAE068}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C33CF2BB-326D-4D3B-B22C-91A2A33C5C73}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3DAC024-EA4D-4A2C-85E6-D64FF8F42FCA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3E5BE87-96A6-4E91-8344-A9819BC8BCA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4B39B6C-C20C-4E10-86C7-684D138BE257}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4DE8A91-DD45-45B7-8617-6AD33C4C4D9F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4EBC8C8-CFAC-4598-817C-F4C9F4B56528}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C518BB2-DF76-4314-BCDC-1F4B338BCA32}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C537D8F-DB76-49C4-BD5F-682FE5D7DAA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C597C4D8-B37D-4412-83B7-59DE52FA58A8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5C06A33-22F7-45D9-B7A6-8C8568AC473}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6467FBD-5CE1-4EE3-A3C-C21276F323B2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C70D01A7-E6FE-409C-9265-EC2DDA181B4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C75925E9-DA4C-4024-9EAB-8C35ED2223D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7A197F6-88F9-4DA0-AD22-33B186673B89}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C905D145-94B2-40D1-B423-79808BF99AA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C92235B9-2C3F-4A31-BBD2-6FA3B4C74EE6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C98696D2-1F12-4126-9D7-6CB43962CFE4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA846D88-21ED-46BE-8EBA-4731EEB83AC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAA68CF-E131-4D8F-8F3B-9E3C227B8E38}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAD98F8E-1553-4E63-B72C-92D730FCE4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBE5E9D2-AB55-43C0-A2C0-165742D1920}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC2C2A90-FD2-4058-B9EF-E71FABB353}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC4C37D2-E36B-4A3B-93D1-53BB554FAE50}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC7A7DD5-654E-4DB6-9EE4-DD454A51707A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCA9E57E-DA19-4650-97A4-EFCA282BCD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCEB7CE-867E-4DA5-A890-227D467B333}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF03BA9-BF78-4424-9A44-5E31C4DCE160}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE519332-38D0-40D1-BFEB-AE104F1A5D8}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE6B5B2A-971E-4B50-B070-E85F16B9A638}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEBAD54B-220E-4378-A26D-E57F9C41C6BD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF252B1A-4F20-4EC7-98CA-B2D6C97AFBA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF7DD207-34DA-45D1-A9BC-123D16367828}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D014B405-7033-4FB8-B982-60C42C61DFC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0281378-3719-4C3C-949A-595AD8F8E16}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D04096C9-DC19-42D0-92F3-50E629D7ED7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D08ECFD4-230E-427D-8CD9-EC6A833DBB91}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D10D8B72-A08A-415C-863D-59F46C2734F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1687D25-4ADF-4FB9-871D-76C67BD8AD21}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A21E3A-B909-43B1-9A36-22FE14D699E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DA218A-B748-4D78-A761-5FCD8F5A79F1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2248BED-14CB-4E74-8EE1-A289C732CB98}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D28B29F1-9985-4997-B866-17C98D59A4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D30ECD1B-54F4-43EE-949A-A3DF657C4F36}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D35DC5B9-411A-40DF-A767-7872228D5EE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3A92D6C-E56F-4D1F-ADB9-ACF843EAADC2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3F475A-79C0-4D3C-B8F8-4C551D5D14EB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4F8CFDB-3A-409C-BBA4-A3D68CB3DCFA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D57CEE08-4A85-44A0-B82C-668228C9A8C6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D59DE0C5-9F06-4A0F-9DEB-F02EA5EDB85}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5A8C32C-D555-4594-90A4-A71FBB3C68A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D603504A-F426-4C35-920-80B3FB2D519B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6B82FA1-D60D-4618-95BD-914691C1D34B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6B8CB5B-7E03-43C8-B668-7611DB1DD87}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D70705BA-4CC5-4678-8381-2A65FF38542}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D788319F-8CE-4928-A849-17AECE933CA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7996802-D307-4DE2-B6CF-9822085D22F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7B27265-589-46E0-9752-3E18629786C6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D833575D-9932-4EAE-8826-8A34954C6A68}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8C52F41-CD2-43FC-8FB6-B4E37CCF5399}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8CCF6B7-68EF-405E-BFC-89A1F4E2289F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D906A0F-4D92-4B51-A47-7D3DDC390A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D91BD66-4259-4399-A3B7-2472FCF45D5D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D93737B5-F29E-4659-BA85-FE10186FD68A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D967BC27-934-459C-8F52-BD98BAD1856F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D971D4D-C2D8-4C38-B827-B235552F78E1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D986832B-A723-4317-84A-5C24B648CCD2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9879671-6099-4D61-8061-2F355456585}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA71C039-A0FD-434E-A564-8DF669EA4716}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAEFF0D7-902E-4482-B3C5-D46C690D934}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAF6FCA1-EC-4563-B6ED-CB1381B3DFF6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB307ABF-D157-4D5E-8E47-17719D237F12}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB6005A2-54A0-406C-85A1-6559813DD0A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB627857-3549-4041-AB68-286AECF03D75}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB7C4DF5-1593-4280-A966-1712FE473F10}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA6D94B-4C9F-4649-882C-C56795FC57DD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC0F37B1-5C76-4C35-91D5-CD3C3AFDA81}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC1D1CAC-94B2-4D98-BCAB-636D1DFB14F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC4741B6-4953-4FB8-ACC9-8147E06B25FB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC483DC4-A645-438D-A73-437984A68A70}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCE542F1-5630-4882-BDCD-37E620E3A65}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD11C260-4066-49B9-B4DD-BA5DDFE44BE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDE2296F-BFE4-4302-8C66-DE2A095C38A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDE72BC-164E-49F6-9C8F-354DABEAF864}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDFB640C-CE0C-4CF3-A36E-318C3D295940}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE1A9487-3D64-4433-8952-26ABB174E12}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE2B4E40-4545-4450-A1DD-9FD1BBD8614}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE673B87-CB2B-48E8-B62-C572ECF0FBE9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE877BF7-4E9-4710-BDC9-5B496E2CEF32}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEC5C943-9C2F-448B-BAD2-5EC63525E9E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF3345AE-21C3-4169-9768-AF33E8CA84A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF99266C-AB1E-4CB4-AAF1-D27C88EA426}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0812AC8-E7C-41DA-9090-E83A181C7E48}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E117EAC8-ABB5-4978-81A8-96BB6D357DF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E179235A-30DD-4E65-A877-A69C71CFC0F2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1D5C299-E1CC-48C8-88DB-D4F9ADC8C7B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E20F2F01-99DF-4F53-B2C-C4CE252FDFB9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E26BF7F3-3F31-4F19-B7E4-8F916A3A1676}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E26CBC16-9C66-4EAC-96B5-71A67C93270}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2BE8C7E-39EA-40B3-B38-C8F39F96ADFC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2F98EE8-EA1E-412C-9B8-757ACFFD46B7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E310E6CD-3105-48E6-8594-E2B1D61C9ABA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E319D8DD-B23A-4F0A-BD55-9C3DF7F79282}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3330FD7-34D1-4C67-B0F1-5B7479FF21F3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3CB95A4-2412-4BEA-9F60-CE9CF8B6C29}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E40382AA-4C7D-429A-B94E-65261ED34A2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E403CB93-82DB-41C2-9B22-607A6A04FB3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E462A49-B3AA-4F80-91F5-F48D36AB0C5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4B3857D-1CFD-4750-9BBC-56B18A63EC7E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4BCE3AB-73FA-43F5-903B-C129D25EDAE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4F3A2F5-6522-4A6D-B965-BFB1C2DFD2A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E611F3E7-8744-4D21-B817-EA3A7FAA3AA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E61E0BDF-5D01-494D-AAF9-51A02B86FA1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E627958-BAD4-49F9-9CAB-7166E6C43955}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6AB71E1-7606-4FF1-B01A-B1A525ECF49}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6CD5EDA-F1B9-4749-8270-1FF486C99F29}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E83AB256-8860-46FE-8A87-984CD88A2FF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E869F20D-415-48CA-8839-1EF96C61950}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E982981-E528-4871-BF77-86DAB9C5254}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E99A5A02-6B5-4813-B682-CFDEC212644}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9BD90F7-1C-4658-851F-398C7484D70}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA5017C0-B1F8-4E9A-B955-50AA14239A0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EAC9DF8D-E7-4F4F-9212-3E382217D4B4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB1A575B-328D-4436-A259-344795A589D9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB5D19DE-C0F0-44F1-9C17-F59DF329A5B2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB6E0DA4-C17E-4D9D-BC8-97C8543CBED4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC0E230C-DF3C-4ECB-AE93-1439F59945B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC13E565-203C-4989-A244-8A0D8CBE75}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC4E5D4A-418-4AD4-AF72-98ECD848F74C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC54FEA7-575-490F-B253-C1792A68BDA2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC63FBB2-2DF9-43D5-BC76-C33252AE7C28}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC9AE6C2-22EC-4CE1-943-BCC71920432}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED2B08BF-813-4DC8-A6CD-A2273BAE7A1A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED46B474-766B-4E0F-8D3-5F6DEBB15B6C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EED29755-52B3-4FFB-9526-43465F877E3B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEF48FDE-60C5-41E4-9515-3184CCF8EE6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF04816F-A3D8-4304-A2DE-9625F2991442}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF0BA95C-A667-49B8-957-9C9D795A5F9F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF318C71-D5CC-4473-8D7B-A7FC522FA9B1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF59A5DB-E9A2-425F-84BD-EA2BEE1EFCD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF9D1D0E-A5C2-49B5-B9C5-60C2884997B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFA8B469-2BDB-48F0-BD64-7AD6F8A7C4A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFBE4DC7-478-40FB-B7C2-2EF5639188AB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F032EF93-5EFE-46F9-9EB1-92147E6FE7FC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F085299F-508-41EF-A5B3-6E7229175E81}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F103ED5E-D70E-4E3C-A783-BCF4E614CC3C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F197B801-2946-4D7E-81DE-AE2E2082FC4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1997F6-86F7-4309-A3FC-C27F63C676FF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F265895F-6A8C-467F-8BEE-FAD3D46F8FC5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F26CE3B6-2FBD-4CEC-8EF7-8371B339B62}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2B17239-1DD9-40D0-ABA7-5EAAE582984D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F307AB8B-3B32-4FC3-81F6-748972A48F3E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F382AFB5-DF15-4C4B-8BCC-72409D33EFF9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3D26039-9566-43CC-96A0-6696A20B5DD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F479395A-4050-4F74-B668-69F57F1E3037}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E4D0F5-60E7-40F1-99C-345750D5DF4C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4F115DE-F3F9-4B9F-8759-C0850A5E69A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F53F59DB-CD47-4314-A4D-E398C9D37BD1}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F56C3AA5-957D-4AC2-95D4-070B2DFDAE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5D34689-1D22-4FC1-80C3-971CE179DE4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F66DCBE7-BE62-4BF8-916E-284D1D296D}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6A480CC-F995-4380-A8B-E8BDDDB0D796}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6E96AA8-985E-4781-8427-32A41F889F55}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7E4FC5B-2E1D-41E7-B04F-79C083A9293E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F801559A-193B-4F4D-A569-D3602F19F05A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F840D85-AAD2-4BF3-9152-5517D2B84EDD}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8F46CE5-F3D1-4F3C-94E9-2419432A6EDA}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F90D0380-929A-4E21-AF1D-F366948F811}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F93A4BD6-C0D6-4C4F-92E9-558DD3F6C713}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F99D05DB-DD40-4FFC-ABB5-974FCEC8E368}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9A7692A-5B4-4005-9D2F-9F533F7A5CA6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB7DC3B-103A-457B-A3B2-E515E3E3EC4}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB8FA88-F27B-4D05-B198-8F277F8121C6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FADAEC2F-AA9C-46DD-A1C0-42B66A5A3EC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB449C-8029-4614-9B81-645FC04F3B16}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB6528A5-1E88-4C1C-943C-FDB136AFE03C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBB8A9A5-20AE-447E-A714-2E4659F0B54C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBC87718-BF75-440E-ADF7-6F6CBD7D115F}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBEE8091-8C61-4E81-91CA-D6E2FF49C20}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCAFB244-1FD6-447D-8D77-2CDD7B93A64}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD109CBA-5BBA-4C3F-ACF5-DCBB2666876E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD15B603-C06-4940-B13C-E4B4F7CC6AF}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD252701-ACEC-4E09-903F-AA51BCB7E60}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD30490F-4495-42CB-8569-6060B574BD43}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD306F25-E189-4410-A663-35A8E475BA2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD571F33-6373-431A-8DA-1924A6F1A85}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD6D1527-DCD-4E64-86BF-752492AEFFF2}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE24E015-7BF8-41EB-B4E3-FF871157A0A0}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE3C92AB-FC58-41D6-9CE6-1422F0A74B1A}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE840B2C-E74-4DFF-8942-B6B358FE4CF7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEC2F178-28D3-436A-89B1-F6ED0728C21}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FED389C4-B73A-438E-8135-978A1E05B95}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF65BF64-1405-4156-AAF-67B9F54C7877}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFF4EFB7-8858-480E-B5B8-A189D77E841E}
Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\GotClip Downloader
Deleted HKCU\Software\Microsoft\Gosearch
Deleted HKCU\Software\Microsoft\Gosearchq
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Xpom
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0134DB22-E08E-4900-828A-D82E23CF5EDD}
Deleted HKLM\Software\Wow6432Node\\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [116359 octets] - [16/07/2019 00:05:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Uzivatel (16-07-2019 09:10:59)
Running from C:\Users\Uzivatel\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-21 05:08:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1332348435-3952591356-909228679-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1332348435-3952591356-909228679-503 - Limited - Disabled)
Guest (S-1-5-21-1332348435-3952591356-909228679-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1332348435-3952591356-909228679-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-1332348435-3952591356-909228679-1003 - Limited - Enabled) => C:\Users\UpdatusUser
Uzivatel (S-1-5-21-1332348435-3952591356-909228679-1000 - Administrator - Enabled) => C:\Users\Uzivatel
WDAGUtilityAccount (S-1-5-21-1332348435-3952591356-909228679-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
AIMP2 (HKLM-x32\...\AIMP2) (Version: - AIMP DevTeam)
Akamai NetSession Interface (HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS nVidia Driver (HKLM-x32\...\{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}) (Version: 1.00.0000 - ASUSTek) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\{FFF5619F-2013-0064-A85E-9994F70A9E5D}) (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{EF7AC07F-8DC8-4446-918B-3FD544496894}) (Version: 2.0.10.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{0BAF6C40-0B74-4331-8EAA-06ECF6445182}) (Version: 3.0.0.10 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{80e3f154-59fa-491e-911b-98caf1c71120}) (Version: 3.0.0.10 - Brother Industries, Ltd.)
Brother Port Driver (HKLM-x32\...\{76627C3B-4CE9-498A-B587-02063E190005}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{00B68BA3-39B0-47CF-850C-BD92253C3D1A}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{BECAE854-AD40-4351-87F8-998C34EFE54A}) (Version: 1.0.13.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{85B3C0BD-7326-4860-9471-A5D97A1F7D59}) (Version: 1.0.19.0 - Brother Industries Ltd.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.62.1068 - AB Team, d.o.o.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DWG TrueView 2013 (HKLM\...\{5783F2D7-B028-0409-0100-0060B0CE6BBA}) (Version: 19.0.55.0 - Autodesk) Hidden
DWG TrueView 2013 (HKLM\...\DWG TrueView 2013) (Version: 19.0.55.0 - Autodesk)
ESET NOD32 Antivirus (HKLM\...\{8D6D29ED-01AC-4A00-8F30-69E1246E4EC3}) (Version: 5.2.9.12 - ESET, spol. s r.o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.47.0 - International GeoGebra Institute)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.8.0 - )
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.10730.20334 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Nástroj k rychlé odinstalaci produktu Autodesk Inventor 2013 (HKLM\...\{D25FF5C1-1764-469A-9794-69309387C193}) (Version: 17.0.13800.0000 - Autodesk)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller Driver 267.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 267.85 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10730.20334 - Microsoft Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{C2430580-570A-48D4-BF61-FA55E35BD052}) (Version: 1.0.8.0 - Brother Insutries Ltd.) Hidden
Spotify (HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.632 - Electronic Arts)
TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Wondershare Dr.Fone for iOS(Build 6.7.2.2) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 6.7.2.2 - Wondershare Software Co.,Ltd.)
Zoner Callisto 5 (HKLM-x32\...\{4F62B1AE-E778-49E2-9C57-C1C65A122098}) (Version: 5.0.5000.15 - ZONER software)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.137.700.0_x86__kgqvnymyfvs32 [2019-04-27] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-03-09] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-15] (Microsoft Studios) [MS Ad]
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-27] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-04-27] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-23] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe [2019-04-27] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2013\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2012-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\aimp_shell.dll [2009-03-06] (AIMP DevTeam) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2016-12-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\aimp_shell.dll [2009-03-06] (AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2016-12-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2016-07-29 17:06 - 2017-12-22 12:53 - 000122880 _____ ( ) [File not signed] C:\Program Files (x86)\Browny02\brlmw03a.dll
2016-11-25 10:18 - 2016-11-25 10:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-07-29 17:06 - 2017-12-22 12:53 - 000025299 _____ () [File not signed] C:\Program Files (x86)\Browny02\brlm03a.dll
2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-01-27 15:33 - 2017-11-07 20:04 - 000090112 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2012-05-24 13:48 - 2010-05-06 06:15 - 001892352 ____R (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2016-11-25 10:18 - 2016-11-25 10:18 - 000225280 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
2017-04-05 13:35 - 2017-04-05 13:35 - 003581952 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
2017-03-30 16:39 - 2018-01-19 11:26 - 002976256 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2017-03-22 17:21 - 2018-01-18 15:39 - 000314368 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2016-12-28 23:58 - 2016-12-14 14:14 - 001606656 _____ (Igor Pavlov) [File not signed] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\7z.dll
2012-05-24 13:48 - 2010-05-06 07:30 - 000014336 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\AMT_COM_InterfaceLib.dll
2012-05-24 13:48 - 2010-05-06 06:15 - 000454656 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\AMT_SW_GUI.dll
2012-05-24 13:48 - 2010-05-06 07:31 - 000229376 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\cs-CZ\PrivacyIconClient.resources.dll
2012-05-24 13:48 - 2010-05-06 06:11 - 000069632 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2017-02-09 18:58 - 2016-12-29 14:43 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000038912 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qdds.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000030720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000243200 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000019456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000313344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
2016-12-28 23:57 - 2016-12-08 11:16 - 000324608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000966656 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2016-12-28 23:57 - 2016-12-12 11:15 - 004679168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2016-12-28 23:57 - 2016-12-08 11:11 - 005017600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2016-12-28 23:57 - 2016-12-08 11:10 - 000669184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2016-12-28 23:57 - 2016-12-08 11:18 - 002497536 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2016-12-28 23:57 - 2016-12-08 11:20 - 002572800 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2016-12-28 23:57 - 2016-12-08 11:15 - 000251904 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2016-12-28 23:57 - 2016-12-08 11:14 - 004480512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2016-12-28 23:57 - 2016-12-08 11:21 - 000013312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2016-12-28 23:57 - 2016-12-08 11:27 - 000697856 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-12-28 23:57 - 2016-12-08 11:25 - 000070144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-12-28 23:57 - 2016-12-08 11:21 - 000013312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2016-12-28 23:57 - 2016-12-08 11:27 - 000095744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\softwarecontext.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\sharepoint.com -> hxxps://vse-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-08-19 11:09 - 000000035 ____C C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\Desktop\thumb-1920-118821.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FB91BA9D-EC09-4702-8E25-48258AD74F8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7D6972A2-A184-4D56-B1BA-7D033898F866}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F394631B-C2D2-43A6-BB8A-8E29F22283B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9AC93D66-3A39-4021-A435-6D9D60312574}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{0DA83B48-4B9B-41B7-A037-00BE032B4868}C:\users\uzivatel\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\uzivatel\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe No File
FirewallRules: [TCP Query User{5B5FE18E-3A8E-4A2C-80D7-2EF385CC5C0D}C:\users\uzivatel\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\uzivatel\desktop\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe No File
FirewallRules: [UDP Query User{EE2DB245-E2F4-47F1-B8F0-6C8BA8B9E032}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{E6493083-55FF-465D-BCD4-6F9BE97B7342}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{06B07967-9853-4DD6-BF95-25E53018236D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
FirewallRules: [UDP Query User{B950E3B6-07A0-45C4-BA93-BCBE7DC329D5}C:\users\uzivatel\desktop\quake3\quake3.exe] => (Block) C:\users\uzivatel\desktop\quake3\quake3.exe No File
FirewallRules: [TCP Query User{83C59B22-B728-4B10-BB58-52B5FE37B48C}C:\users\uzivatel\desktop\quake3\quake3.exe] => (Block) C:\users\uzivatel\desktop\quake3\quake3.exe No File
FirewallRules: [UDP Query User{A69D545F-201A-4F3B-A402-AC4C71F50FF0}C:\users\uzivatel\desktop\quake3\quake3.exe] => (Block) C:\users\uzivatel\desktop\quake3\quake3.exe No File
FirewallRules: [TCP Query User{019D3F60-AE5E-4463-912C-7AA3ED55CC82}C:\users\uzivatel\desktop\quake3\quake3.exe] => (Block) C:\users\uzivatel\desktop\quake3\quake3.exe No File
FirewallRules: [{CD5185CF-59F4-44BB-AA13-E2054F6E862E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe No File
FirewallRules: [{41CDF881-1447-4E61-A8C7-C6ECD587642F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{7244830C-1318-4ABC-839D-87CF9A68E915}C:\users\uzivatel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\uzivatel\appdata\local\akamai\netsession_win.exe (Akamai NetSession Client, Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{34517093-3691-497E-915E-E1B1D733AFF8}C:\users\uzivatel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\uzivatel\appdata\local\akamai\netsession_win.exe (Akamai NetSession Client, Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{E7A6DE1B-07B3-40C7-8319-3CAF27CB6A05}] => (Allow) LPort=50248
FirewallRules: [UDP Query User{9E84F529-1487-4685-803E-1E29D09C19A1}C:\users\uzivatel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\uzivatel\appdata\local\akamai\netsession_win.exe (Akamai NetSession Client, Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{02F79BC6-EDC9-4246-AF5F-9313ED710C74}C:\users\uzivatel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\uzivatel\appdata\local\akamai\netsession_win.exe (Akamai NetSession Client, Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{ADD77967-81B9-415C-A020-8E2019FE329B}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) [File not signed]
FirewallRules: [{3ED7FA36-FC56-4323-87BF-3A45E180A377}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) [File not signed]
FirewallRules: [{AB791A3E-5DFE-45CA-B7DE-0E21C2D41B31}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe No File
FirewallRules: [{091CE895-1009-4DED-AFFF-3BCAD5050F9E}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe No File
FirewallRules: [{1AF31285-EF33-4B0C-AF0B-725C9818D950}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{34228315-E3C4-4181-B297-ABD5E6051BD5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD13C6C2-CD06-4818-8FEB-D588E1BB15FB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02023711-1716-4A96-A11D-E4A19728DFDA}] => (Allow) LPort=1900
FirewallRules: [{DE22AF4E-1B78-41EC-8300-19620F1CCBD1}] => (Allow) LPort=2869
FirewallRules: [{FF1778A3-5DB2-4ADB-BC5A-A7FC1A8A9A7D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A30CD7E5-A587-44E9-A800-31E1C108C68E}] => (Allow) C:\Users\Uzivatel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
FirewallRules: [{21D9262F-A544-46D3-A024-91302260E9F2}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8E32E599-6366-4B22-8FF7-74005C1EB03B}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{404A4AE2-3B2C-4384-ABCC-A78FD887E797}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{49F945EC-76AF-4A4A-A2A3-8C4F28F0D1C8}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{3EBB6B03-9EE4-4FCE-949B-8D0D2967C42C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{A2C75049-3EB3-41A6-835D-B2102A45E1A4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{1C8AEB5F-E315-4252-8C1C-924011277A3E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE0C2603-9803-4B72-AA9D-F1766079244D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F8431CDD-34A7-4FD4-BCAD-37CC5EFDEBE1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37546475-17F8-4DF7-B145-102418D90A61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{701F91A6-461A-410D-BC5F-CEB5598E7EC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{82C2260E-F492-460A-A5D8-27CF64173B5D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADCE049B-E43F-49B6-94FF-2F8C927132AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1F4A7F24-81D3-41C7-AA8C-37A51B641E44}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{3F0AC7F5-F94D-4116-9E7D-97A56670E292}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90749591-E1C0-4757-BEC0-D72EFDD22CB2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{763BBF14-63A3-4F49-8E69-93537F01F13C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{714949F0-FE3C-4307-93A1-4C9702BB7427}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF01B94B-DB41-4075-A944-1ABB7F89D736}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

27-04-2019 13:35:46 Windows Update
27-05-2019 20:12:13 Naplánovaný kontrolní bod
16-07-2019 00:32:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/16/2019 01:06:31 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů W3SVC. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (07/16/2019 01:06:27 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu aspnet_state v knihovně DLL C:\Windows\System32\aspnet_counters.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/16/2019 01:06:26 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ASP.NET_4.0.30319 v knihovně DLL C:\Windows\System32\aspnet_counters.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/16/2019 01:06:26 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ASP.NET v knihovně DLL C:\Windows\System32\aspnet_counters.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/15/2019 11:13:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 738262296 ticks; setting correction factor to 922931386

Error: (05/27/2019 07:06:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 1.4.D.D.7.F.D.E.1.D.B.5.1.E.4.A.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Uzivatel-PC-2.local.

Error: (05/27/2019 07:06:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.42:5353 19 1.4.D.D.7.F.D.E.1.D.B.5.1.E.4.A.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Uzivatel-PC.local.

Error: (05/27/2019 07:06:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 42.0.0.10.in-addr.arpa. PTR Uzivatel-PC-2.local.


System errors:
=============
Error: (07/16/2019 08:54:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/16/2019 08:53:57 AM) (Source: DCOM) (EventID: 10016) (User: Uzivatel-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Uzivatel-PC\Uzivatel (SID: S-1-5-21-1332348435-3952591356-909228679-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/16/2019 08:52:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (07/16/2019 08:52:10 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Platnost hesla tohoto účtu vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/16/2019 08:52:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (07/16/2019 08:47:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PDFProFiltSrvPP neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/16/2019 08:47:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby PDFProFiltSrvPP bylo dosaženo časového limitu (30000 ms).

Error: (07/16/2019 08:47:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2019-07-16 00:17:44.642
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {5798CA7E-2D48-4C5C-B212-C4DE0EFA7325}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE

Date: 2019-05-27 19:47:20.499
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {19953126-7643-471B-B679-B10CA9688BA0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-27 19:04:01.265
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7D71B6E1-292F-498A-AF0B-6E719FA5C26C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-27 18:31:07.439
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9921232B-5A82-4E41-998B-63EA0A5FD903}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE

Date: 2019-05-27 18:28:45.126
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EA1DFCE5-0AD6-4AAA-B254-9768FA643728}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-16 08:58:05.652
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.1128.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x8024402c
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-06-04 19:10:00.562
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.317.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-06-04 19:10:00.561
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.317.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-06-04 19:10:00.560
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.317.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-06-04 19:10:00.546
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.317.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2019-05-27 18:53:39.022
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-27 18:53:38.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-27 18:53:38.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-27 18:53:38.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-27 18:53:38.398
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-27 18:53:38.306
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-27 18:53:33.485
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-27 18:53:32.263
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V17.1 09/02/2010
Motherboard: MSI H55M-E23(MS-7636)
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 62%
Total physical RAM: 3959.11 MB
Available physical RAM: 1482.66 MB
Total Virtual: 7927.11 MB
Available Virtual: 5332.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.83 GB) (Free:231.07 GB) NTFS
Drive e: (ADATA UFD) (Removable) (Total:28.89 GB) (Free:25.46 GB) FAT32

\\?\Volume{9db374e3-a5c7-11e1-8a02-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{4bac49f2-0000-0000-0000-803b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4BAC49F2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=851 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 60AA76AA)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Uzivatel (administrator) on UZIVATEL-PC (MSI MS-7636) (16-07-2019 09:03:47)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel & UpdatusUser)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.881_none_eada7c8e1d8131a8\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Nullsoft Inc. -> Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes Corporation -> Malwarebytes)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2010-07-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft Inc. -> Nullsoft, Inc.)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-05-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Run: [Google Update] => C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-07-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Run: [Spotify] => C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe [25591712 2019-07-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Policies\Explorer: []
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-19] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-27] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEC67F-7769-454F-95FC-4C2FB3493957} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {00FE8F93-0764-44A7-9687-EC33ED8A799C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0A7CA73B-CE09-43B1-8646-50241A28CCF4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0E762DD3-5712-4DC1-BA6F-00C32E65DFE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {118B69D2-33C5-4094-A75D-281166F567E5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1706F5AA-0BCA-4E59-AFB3-2CFCE23E13C4} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {1908DE61-0C6C-4B48-947E-657FED499F33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1A7C9D86-E208-4D8A-8DBB-2E08C5E84801} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965776 2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {26E437CF-EF1D-49DD-B5E2-715FAF6BE585} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28E2D337-D3E9-4DD1-AE8C-4F233B6D1C4A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA1d25949cceec550 => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {28F79DF2-66E9-471C-9598-2569BBFF5387} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965776 2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AFAAB0F-C222-4826-9BAC-1D90D3B418C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B1EB950-A2DD-4E3E-B7D3-9BE755B76E99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2C88F607-8D75-4BDE-824E-627DD668E296} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E37611B-90CB-4273-BAEA-3907BD099984} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-15] (Adobe Inc. -> Adobe)
Task: {3D502813-D1D2-41CB-ACCC-1FE28968EF83} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527080 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F620358-0C8F-4A4B-819C-687986B8563C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527080 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {4075AA6F-B619-4F0E-B79E-695792318898} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {453E4444-5521-4C7C-ACFD-7CA3E5A0D928} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49584494-56EB-423B-A8EC-11421CEDD3F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-15] (Adobe Inc. -> Adobe)
Task: {5392DF1D-6BC9-4F35-AB03-951A63B496C2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe [1452544 2019-02-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5529084B-8B44-4F37-8618-5D9AA35D13FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {56921D99-D5EB-4500-A4E0-339ED10C7D71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6087E5E2-7BF4-47D6-AAD5-490CCA2B6810} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {69007947-8C1A-40DE-87CA-1F47C8333B99} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6AE80B7B-B9FA-4685-8D6E-D0E64D5096EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {73CB3203-4EFE-47A1-98CA-827398911A91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {764C755F-E027-4C99-AB84-558965911830} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {766FBC1F-4D8C-41B9-971D-00CB352D9284} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7BAC6774-B906-40AE-908E-DD5AC4DB94AA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {850CB7A0-5388-4B3C-8283-A35BFA7B0AF5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417232 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {87DB5543-9A65-4B3B-9886-2D718FB7FB68} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E239226-BB74-4231-9A53-66F9B54E4AE7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [753240 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F0D39D5-DCC6-481B-BEEB-B3E812D47E15} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {921024A5-7579-4DCD-8309-C25CDAE9FB0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {9625759F-C769-4BEA-902F-0AE6F05B1016} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {99F7AF79-FA42-477A-B2F8-13E7B97AF806} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9CCC0D1B-01BF-4B5E-9E01-C304DC4F284D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A2218FDE-1D9E-4D54-8BF7-2982815F9249} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5D2CD9B-7BDF-43C1-8AF6-42B9FABE8F5C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B559D76E-4742-4ED0-91DB-C336C3D1A8EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA70EFCE-926B-4BCA-BEBB-80F43ADB4A8F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BD0CEA1E-E769-4D69-A16F-CCAF532F18CE} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [87336 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0B50F6A-1FC6-4C27-979F-4D500E712D58} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C4B26656-2B6C-4E8F-9A5A-5852D9CABCEE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C5C77708-CF62-456E-ACDC-2ACC2A9CC723} - \Rest Comp -> No File <==== ATTENTION
Task: {C6FA6607-A47C-4216-B187-161EE92ACF84} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C87E6963-DB12-42F6-8A51-45E2675D8C69} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC7C1E1A-EED2-4C43-8834-D68DB288062E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CDE69B64-8CCC-4DD4-9510-FE4AA39E580A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D5BABA95-95CC-498C-A0CE-EF0351426CDD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D622D7A3-C2CD-44E8-8B2D-3A9A1974511F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {D831B67F-3165-4861-B72E-84903D1F8431} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB670137-AE23-4535-BD71-EC3AF03201D2} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DF71C223-E759-4CE8-9F33-E38DFAFE14AF} - System32\Tasks\{5F6BDC3E-C1FD-4139-8332-059B7896CA87} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\The KMPlayer\KMPSetup.exe" -d "C:\Program Files (x86)\The KMPlayer"
Task: {E036C546-4AAC-4A69-8C23-C00DE671CD87} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {E1881366-DF93-4AAB-A5E0-A513ECDFCE63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E98121B3-A5FA-4F06-9EA6-A022AB174569} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {EAF32249-F2EB-4ECE-A205-09D3A57BFEF1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC14783D-33F9-43C6-871D-A9191347EA7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {ED3225A3-C50E-4AB0-BDA9-AEB25B96801A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417232 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F336FEF6-EC22-4237-9A77-43A928C19EDF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F55A0650-BC6A-44F6-88B8-AB3B779245DC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FBDF21E1-B6B4-4E3B-BDC5-34B86975616D} - System32\Tasks\{5C7FCAF9-2EF2-4464-AF3A-B7717FFEC645} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0005 -removeonly
Task: {FD04F33A-1616-4DBD-9A86-ED95B1980FAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FD989352-26AB-42A4-9479-5F4B307CF9C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core1d25949cccf9d30 => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {FECC2726-8910-4D8F-8FC2-B31BDC4F7CCE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core.job => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA.job => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{493e21de-14ec-4508-834b-adbd8b09ae84}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6a1e98de-2bf5-44e2-9cc9-0b402406e9a8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL =
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {105B0D51-56A0-4EE7-A41E-5175BC0BD94D} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {127EE9EC-779D-40E5-9243-A2A97FD46BD1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {214D043C-D6C5-48BE-AE84-444B597BEE5F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {2EF7F36D-EC80-4036-82B7-F48301FC70A6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {61911BF0-6A88-4B48-B28C-1992FABEACFE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {8BC8057A-E3DC-40AB-9E01-A7632B10B382} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid ... arch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {A67FA295-C3E3-41A1-9985-8CFA850B874D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default [2016-12-28]
FF Homepage: Mozilla\Firefox\Profiles\9slcp39g.default -> hxxp://mail.ru/cnt/10445?gp=818407
FF Extension: (Firefox Hotfix) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-17] [Legacy]
FF Extension: (Домашняя страница Mail.Ru) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\homepage@mail.ru [2016-12-28] [Legacy]
FF Extension: (Поиск@Mail.Ru) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\search@mail.ru [2016-12-28] [Legacy]
FF Extension: (Визуальные закладки @Mail.Ru) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [2016-12-28] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-15] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-15] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-1332348435-3952591356-909228679-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1332348435-3952591356-909228679-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2019-07-15]
CHR Extension: (Prezentace) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-18]
CHR Extension: (Disk Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (YouTube) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-07]
CHR Extension: (AdBlock) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-06]
CHR Extension: (Gmail) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-18]
CHR Extension: (Chrome Media Router) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-27]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Uzivatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-11-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9677904 2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes Corporation -> Malwarebytes)
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-04-27] (Malwarebytes Corporation -> )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2016-12-28] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-29] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-29] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2019-07-16] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-16] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-16 09:03 - 2019-07-16 09:07 - 000038964 ____C C:\Users\Uzivatel\Desktop\FRST.txt
2019-07-16 09:02 - 2019-07-16 08:57 - 002095104 ____C (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2019-07-16 08:48 - 2019-05-31 03:57 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-07-16 08:48 - 2019-05-31 03:57 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-16 00:37 - 2019-07-04 11:40 - 021390504 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-16 00:37 - 2019-07-04 11:40 - 001616840 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-16 00:37 - 2019-07-04 11:18 - 003614208 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-16 00:37 - 2019-07-04 10:37 - 002882048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-16 00:37 - 2019-07-04 06:57 - 003292152 ____C (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-16 00:37 - 2019-07-04 06:56 - 009084216 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-16 00:37 - 2019-07-04 06:56 - 007519896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-16 00:37 - 2019-07-04 06:56 - 007436536 ____C (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-16 00:37 - 2019-07-04 06:42 - 006570368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-16 00:37 - 2019-07-04 06:42 - 006044008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-16 00:37 - 2019-07-04 06:37 - 025857536 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-16 00:37 - 2019-07-04 06:33 - 022017536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-16 00:37 - 2019-07-04 06:29 - 022717440 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-16 00:37 - 2019-07-04 06:26 - 004385280 ____C (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-16 00:37 - 2019-07-04 06:25 - 019372544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-16 00:37 - 2019-07-04 06:25 - 007589888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-16 00:37 - 2019-07-04 06:25 - 004861440 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-16 00:37 - 2019-07-04 06:21 - 005784064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-16 00:37 - 2019-06-13 14:04 - 001721144 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-16 00:37 - 2019-06-13 13:42 - 004038688 ____C (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-16 00:37 - 2019-06-13 13:18 - 006586880 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-16 00:37 - 2019-06-13 13:18 - 004847104 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-16 00:37 - 2019-06-13 13:17 - 012756992 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-16 00:37 - 2019-06-13 13:15 - 004718080 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-16 00:37 - 2019-06-13 13:13 - 002920448 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-16 00:37 - 2019-06-13 11:54 - 011942912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-16 00:37 - 2019-06-13 08:47 - 005625160 ____C (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-16 00:37 - 2019-05-17 08:30 - 013878784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-16 00:37 - 2019-05-17 08:19 - 004515840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-07-16 00:37 - 2019-05-17 07:44 - 016597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-16 00:37 - 2019-05-17 07:38 - 004709376 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-16 00:37 - 2019-05-17 07:31 - 004937216 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-07-16 00:37 - 2019-05-03 08:01 - 008189440 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-07-16 00:36 - 2019-07-04 11:40 - 001631808 ____C (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-16 00:36 - 2019-07-04 11:40 - 000790416 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-16 00:36 - 2019-07-04 11:21 - 008627200 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-16 00:36 - 2019-07-04 11:20 - 001609216 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-16 00:36 - 2019-07-04 11:19 - 000420864 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-16 00:36 - 2019-07-04 11:18 - 001663488 ____C (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-16 00:36 - 2019-07-04 10:56 - 001453416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-16 00:36 - 2019-07-04 10:54 - 000662352 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-16 00:36 - 2019-07-04 10:51 - 020384128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-16 00:36 - 2019-07-04 10:41 - 007990784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-16 00:36 - 2019-07-04 10:36 - 001471488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-16 00:36 - 2019-07-04 07:00 - 001035040 ____C (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-16 00:36 - 2019-07-04 06:58 - 001328440 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-16 00:36 - 2019-07-04 06:58 - 001219896 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 001027384 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 000986128 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 000776784 ____C (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-16 00:36 - 2019-07-04 06:57 - 000723728 ____C (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-16 00:36 - 2019-07-04 06:57 - 000708696 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-16 00:36 - 2019-07-04 06:57 - 000568104 ____C (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 000362264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 002810680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-16 00:36 - 2019-07-04 06:56 - 002571640 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 001566520 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 001459120 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-16 00:36 - 2019-07-04 06:56 - 001260776 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-16 00:36 - 2019-07-04 06:56 - 001141496 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-16 00:36 - 2019-07-04 06:56 - 000983936 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-16 00:36 - 2019-07-04 06:56 - 000767536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 000734952 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 000713272 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 000604984 ____C (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-16 00:36 - 2019-07-04 06:56 - 000493752 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-16 00:36 - 2019-07-04 06:43 - 000832016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-16 00:36 - 2019-07-04 06:43 - 000665440 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-16 00:36 - 2019-07-04 06:43 - 000287376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 002479176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 001980984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 001427768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 000573808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 000356312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-16 00:36 - 2019-07-04 06:41 - 000559328 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-16 00:36 - 2019-07-04 06:26 - 000310272 ____C (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-16 00:36 - 2019-07-04 06:25 - 003401216 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-16 00:36 - 2019-07-04 06:25 - 000295424 ____C (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-16 00:36 - 2019-07-04 06:24 - 000567808 ____C (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-16 00:36 - 2019-07-04 06:24 - 000153600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-16 00:36 - 2019-07-04 06:23 - 001765888 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-16 00:36 - 2019-07-04 06:23 - 001217536 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 003707904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 002587648 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 002176000 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 001561088 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 001549824 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 001175552 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 005307392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 003202560 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 002166784 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-16 00:36 - 2019-07-04 06:21 - 001920000 ____C (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 001220608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-16 00:36 - 2019-07-04 06:20 - 001156608 ____C (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-16 00:36 - 2019-07-04 06:20 - 000544256 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-16 00:36 - 2019-07-04 06:20 - 000392704 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-16 00:36 - 2019-07-04 06:19 - 000886272 ____C (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-16 00:36 - 2019-07-04 06:18 - 002602496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-16 00:36 - 2019-07-04 06:18 - 000953344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-16 00:36 - 2019-07-04 06:17 - 000531968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-16 00:36 - 2019-06-13 14:15 - 000324408 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-16 00:36 - 2019-06-13 14:12 - 002871848 ____C (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-16 00:36 - 2019-06-13 14:05 - 000810296 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-16 00:36 - 2019-06-13 14:00 - 000464696 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-16 00:36 - 2019-06-13 13:59 - 000740664 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-16 00:36 - 2019-06-13 13:58 - 000637752 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-16 00:36 - 2019-06-13 13:58 - 000071480 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-16 00:36 - 2019-06-13 13:56 - 000164152 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-16 00:36 - 2019-06-13 13:43 - 001048480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-16 00:36 - 2019-06-13 13:42 - 000566536 ____C (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-16 00:36 - 2019-06-13 13:40 - 000540984 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-16 00:36 - 2019-06-13 13:38 - 000766264 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-16 00:36 - 2019-06-13 13:36 - 000251000 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-16 00:36 - 2019-06-13 13:35 - 001376688 ____C (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-16 00:36 - 2019-06-13 13:16 - 000767488 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-16 00:36 - 2019-06-13 13:14 - 001127936 ____C (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-16 00:36 - 2019-06-13 13:14 - 000900096 ____C (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-16 00:36 - 2019-06-13 13:14 - 000346624 ____C (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-16 00:36 - 2019-06-13 13:13 - 001339392 ____C (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-16 00:36 - 2019-06-13 13:13 - 000951808 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-16 00:36 - 2019-06-13 13:13 - 000765440 ____C (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-16 00:36 - 2019-06-13 12:07 - 001027008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-16 00:36 - 2019-06-13 12:07 - 000660496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-16 00:36 - 2019-06-13 12:05 - 003700160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-16 00:36 - 2019-06-13 11:55 - 005657088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-16 00:36 - 2019-06-13 11:51 - 000622080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-16 00:36 - 2019-06-13 11:50 - 000896512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-16 00:36 - 2019-06-13 11:49 - 002406400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-16 00:36 - 2019-06-13 09:46 - 000713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-16 00:36 - 2019-06-13 09:01 - 000513336 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-16 00:36 - 2019-06-13 09:01 - 000511288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-16 00:36 - 2019-06-13 08:59 - 000785264 ____C (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-16 00:36 - 2019-06-13 08:47 - 001063224 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-16 00:36 - 2019-06-13 08:46 - 001076536 ____C (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-16 00:36 - 2019-06-13 08:46 - 000510296 ____C (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-16 00:36 - 2019-06-13 08:46 - 000093984 ____C (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-16 00:36 - 2019-06-13 08:45 - 002421560 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-16 00:36 - 2019-06-13 08:44 - 002769688 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 002546704 ____C (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 001098272 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 001033696 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 000607112 ____C (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 000545808 ____C (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 000130624 ____C (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-16 00:36 - 2019-06-13 08:16 - 001626112 ____C (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-16 00:36 - 2019-06-13 08:15 - 000433152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-16 00:36 - 2019-06-13 08:14 - 003318784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-16 00:36 - 2019-06-13 08:14 - 000361472 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-16 00:36 - 2019-06-13 08:14 - 000302080 ____C (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-16 00:36 - 2019-06-13 08:13 - 004771840 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-16 00:36 - 2019-06-13 08:13 - 002370048 ____C (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-16 00:36 - 2019-06-13 08:13 - 000322560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-16 00:36 - 2019-06-13 08:13 - 000110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000916480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000894464 ____C (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000808448 ____C (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000624640 ____C (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000532992 ____C (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 002912256 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 001400832 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 001215488 ____C (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000871424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000869376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000849408 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000523776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-16 00:36 - 2019-06-13 08:09 - 001854976 ____C (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-16 00:36 - 2019-06-13 08:09 - 000922112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-16 00:36 - 2019-06-13 08:08 - 000506368 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-16 00:36 - 2019-06-13 07:14 - 000415544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-16 00:36 - 2019-06-13 07:08 - 000443632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-16 00:36 - 2019-06-13 07:07 - 000080744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-16 00:36 - 2019-06-13 07:06 - 002256768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-16 00:36 - 2019-06-13 07:06 - 001130776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-16 00:36 - 2019-06-13 07:06 - 000581600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-16 00:36 - 2019-06-13 06:47 - 003554304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-16 00:36 - 2019-06-13 06:47 - 002899456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-16 00:36 - 2019-06-13 06:46 - 000608768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-16 00:36 - 2019-06-13 06:46 - 000331776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-16 00:36 - 2019-06-13 06:44 - 001003008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-16 00:36 - 2019-06-13 06:44 - 000648192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-16 00:36 - 2019-06-13 06:44 - 000630784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-16 00:36 - 2019-06-13 06:43 - 000681472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-16 00:36 - 2019-06-13 06:43 - 000646656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-16 00:36 - 2019-06-07 12:41 - 004055552 ____C (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-07-16 00:36 - 2019-06-07 12:40 - 001364992 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-07-16 00:36 - 2019-06-07 12:04 - 004056064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-07-16 00:36 - 2019-06-07 08:07 - 000707384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-07-16 00:36 - 2019-06-07 07:57 - 002719032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-07-16 00:36 - 2019-06-07 07:57 - 001934808 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-16 00:36 - 2019-06-07 07:57 - 001209696 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-16 00:36 - 2019-06-07 07:57 - 000792888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-16 00:36 - 2019-06-07 07:57 - 000594024 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-16 00:36 - 2019-06-07 07:57 - 000435000 ____C (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-07-16 00:36 - 2019-06-07 07:57 - 000383504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-07-16 00:36 - 2019-06-07 07:47 - 000380432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-07-16 00:36 - 2019-06-07 07:46 - 001805656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-07-16 00:36 - 2019-06-07 07:46 - 001011872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-07-16 00:36 - 2019-06-07 07:23 - 000561152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-07-16 00:36 - 2019-06-07 07:21 - 000473600 ____C (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-07-16 00:36 - 2019-06-07 07:19 - 000778240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-07-16 00:36 - 2019-06-07 07:18 - 000686592 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-16 00:36 - 2019-06-07 07:17 - 000961024 ____C (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-16 00:36 - 2019-06-07 07:17 - 000889344 ____C (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-07-16 00:36 - 2019-06-07 07:16 - 000900096 ____C (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-07-16 00:36 - 2019-06-07 07:16 - 000478720 ____C (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-07-16 00:36 - 2019-05-19 00:12 - 000353280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-07-16 00:36 - 2019-05-17 14:40 - 002394960 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-07-16 00:36 - 2019-05-17 14:25 - 004491264 ____C (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-07-16 00:36 - 2019-05-17 14:21 - 001180672 ____C (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-16 00:36 - 2019-05-17 14:21 - 000878592 ____C (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-07-16 00:36 - 2019-05-17 14:19 - 000757248 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-07-16 00:36 - 2019-05-17 13:58 - 003397632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-07-16 00:36 - 2019-05-17 13:55 - 000704000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-07-16 00:36 - 2019-05-17 08:44 - 000829960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-07-16 00:36 - 2019-05-17 08:44 - 000550520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 004789944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 001989552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 001620264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 001380096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-07-16 00:36 - 2019-05-17 08:26 - 002969600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-16 00:36 - 2019-05-17 08:19 - 001630720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-16 00:36 - 2019-05-17 08:19 - 001110528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-07-16 00:36 - 2019-05-17 08:19 - 000835584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-07-16 00:36 - 2019-05-17 08:18 - 002796032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-07-16 00:36 - 2019-05-17 08:18 - 001006592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-07-16 00:36 - 2019-05-17 08:08 - 000491200 ____C (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 004404720 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 002467320 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 001288712 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 000930616 ____C (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-07-16 00:36 - 2019-05-17 08:07 - 000275768 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 000260800 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-16 00:36 - 2019-05-17 08:06 - 001943136 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-16 00:36 - 2019-05-17 08:06 - 001784696 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-07-16 00:36 - 2019-05-17 08:04 - 001826816 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-07-16 00:36 - 2019-05-17 07:34 - 001804288 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-07-16 00:36 - 2019-05-17 07:34 - 000671744 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-07-16 00:36 - 2019-05-17 07:33 - 003091456 ____C (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-07-16 00:36 - 2019-05-17 07:33 - 001487360 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-07-16 00:36 - 2019-05-17 07:33 - 000787968 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-07-16 00:36 - 2019-05-17 07:32 - 001070080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-07-16 00:36 - 2019-05-17 07:32 - 000815104 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 003376640 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 003293184 ____C (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001805312 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001383424 ____C (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001211904 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001027584 ____C (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 000620032 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-16 00:36 - 2019-05-17 07:30 - 000917504 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-07-16 00:36 - 2019-05-17 07:30 - 000276992 ____C (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-07-16 00:36 - 2019-05-03 13:49 - 001288704 ____C (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-07-16 00:36 - 2019-05-03 08:32 - 000493880 ____C (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-07-16 00:36 - 2019-05-03 08:00 - 006661632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-07-16 00:36 - 2019-05-03 07:54 - 000845824 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-16 00:36 - 2019-05-03 07:54 - 000776192 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-07-16 00:36 - 2019-05-03 07:54 - 000669184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-07-16 00:36 - 2019-05-03 07:53 - 000204800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-07-16 00:36 - 2019-05-03 07:53 - 000186880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-07-16 00:36 - 2019-05-03 07:53 - 000184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-07-16 00:36 - 2019-05-03 07:53 - 000181760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-07-16 00:36 - 2019-04-19 12:54 - 000720200 ____C (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-07-16 00:36 - 2019-04-19 12:34 - 000522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-07-16 00:36 - 2019-04-19 11:37 - 000607960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-07-16 00:36 - 2019-04-19 11:25 - 000423936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-07-16 00:36 - 2019-04-19 07:06 - 000798520 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-07-16 00:36 - 2019-04-19 07:01 - 000576016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-07-16 00:36 - 2019-04-19 06:43 - 000150016 ____C (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-07-16 00:36 - 2019-04-19 06:40 - 000243712 ____C (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-07-16 00:36 - 2019-04-19 06:38 - 000593408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-07-16 00:36 - 2019-04-19 06:38 - 000304128 ____C (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-07-16 00:36 - 2019-04-19 06:37 - 000397312 ____C (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-07-16 00:36 - 2019-04-19 06:37 - 000381952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-07-16 00:36 - 2019-04-19 06:36 - 000827392 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-07-16 00:36 - 2019-04-19 06:36 - 000546816 ____C (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-07-16 00:36 - 2019-04-19 06:35 - 001458688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-07-16 00:36 - 2019-04-19 06:35 - 000784896 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-07-16 00:36 - 2019-04-19 06:34 - 000935936 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-07-16 00:36 - 2019-04-19 06:34 - 000653312 ____C (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-07-16 00:36 - 2019-04-19 05:18 - 000806360 ____C C:\WINDOWS\SysWOW64\locale.nls
2019-07-16 00:36 - 2019-04-19 05:18 - 000806360 ____C C:\WINDOWS\system32\locale.nls
2019-07-16 00:35 - 2019-07-04 11:43 - 000094008 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-16 00:35 - 2019-07-04 11:22 - 000131072 ____C (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-16 00:35 - 2019-07-04 11:22 - 000128000 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-16 00:35 - 2019-07-04 06:58 - 000416312 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-16 00:35 - 2019-07-04 06:58 - 000192824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-16 00:35 - 2019-07-04 06:57 - 000209424 ____C (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-16 00:35 - 2019-07-04 06:57 - 000194360 ____C (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-16 00:35 - 2019-07-04 06:57 - 000137656 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-16 00:35 - 2019-07-04 06:57 - 000134968 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-16 00:35 - 2019-07-04 06:57 - 000091776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-16 00:35 - 2019-07-04 06:56 - 000115512 ____C (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-16 00:35 - 2019-07-04 06:43 - 000328696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-16 00:35 - 2019-07-04 06:43 - 000191800 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-16 00:35 - 2019-07-04 06:42 - 000097272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-16 00:35 - 2019-07-04 06:26 - 000051200 ____C (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-16 00:35 - 2019-07-04 06:25 - 000079872 ____C (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-16 00:35 - 2019-07-04 06:24 - 000726528 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-16 00:35 - 2019-07-04 06:24 - 000462336 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-16 00:35 - 2019-07-04 06:23 - 000786432 ____C (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-16 00:35 - 2019-07-04 06:22 - 000300544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-16 00:35 - 2019-07-04 06:22 - 000110592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-16 00:35 - 2019-07-04 06:22 - 000032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-16 00:35 - 2019-07-04 06:21 - 000324096 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-16 00:35 - 2019-07-04 06:21 - 000124416 ____C (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-16 00:35 - 2019-07-04 06:21 - 000059392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-16 00:35 - 2019-07-04 06:20 - 000330752 ____C (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-16 00:35 - 2019-07-04 06:19 - 000230912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-16 00:35 - 2019-07-04 06:18 - 001076224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-16 00:35 - 2019-07-04 06:18 - 000965632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-16 00:35 - 2019-07-04 06:18 - 000275968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-16 00:35 - 2019-07-04 05:01 - 000001312 ____C C:\WINDOWS\system32\tcbres.wim
2019-07-16 00:35 - 2019-06-21 10:50 - 000280584 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-16 00:35 - 2019-06-13 13:37 - 000101192 ____C (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-16 00:35 - 2019-06-13 13:36 - 000236520 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-16 00:35 - 2019-06-13 13:34 - 000146888 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-16 00:35 - 2019-06-13 13:17 - 000178176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-16 00:35 - 2019-06-13 13:17 - 000115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-16 00:35 - 2019-06-13 13:17 - 000109056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-16 00:35 - 2019-06-13 13:17 - 000093184 ____C (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-16 00:35 - 2019-06-13 13:15 - 000041984 ____C (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-16 00:35 - 2019-06-13 13:14 - 000246272 ____C (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-16 00:35 - 2019-06-13 13:13 - 000181248 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-16 00:35 - 2019-06-13 13:12 - 000394240 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-16 00:35 - 2019-06-13 13:10 - 000239104 ____C (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-16 00:35 - 2019-06-13 12:07 - 000221232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-16 00:35 - 2019-06-13 11:54 - 000151552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-16 00:35 - 2019-06-13 11:53 - 000089600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-16 00:35 - 2019-06-13 11:49 - 000371200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-16 00:35 - 2019-06-13 09:48 - 000677376 ____C (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-16 00:35 - 2019-06-13 09:01 - 000036152 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-16 00:35 - 2019-06-13 08:17 - 000106496 ____C (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-16 00:35 - 2019-06-13 08:16 - 000140288 ____C (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-16 00:35 - 2019-06-13 08:15 - 000514560 ____C (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-16 00:35 - 2019-06-13 08:15 - 000204288 ____C (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-16 00:35 - 2019-06-13 08:15 - 000137728 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-16 00:35 - 2019-06-13 08:15 - 000083456 ____C (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-16 00:35 - 2019-06-13 08:14 - 000409088 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-16 00:35 - 2019-06-13 08:13 - 000761344 ____C (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-16 00:35 - 2019-06-13 08:12 - 000501248 ____C (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-16 00:35 - 2019-06-13 08:11 - 000508416 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-16 00:35 - 2019-06-13 08:11 - 000271872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-16 00:35 - 2019-06-13 08:11 - 000048128 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-16 00:35 - 2019-06-13 08:09 - 000755712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-16 00:35 - 2019-06-13 07:07 - 000101192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-16 00:35 - 2019-06-13 06:49 - 000172544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-16 00:35 - 2019-06-13 06:47 - 000450048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-16 00:35 - 2019-06-13 06:46 - 000038400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-16 00:35 - 2019-06-13 06:45 - 000602112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-16 00:35 - 2019-06-13 06:45 - 000578560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-16 00:35 - 2019-06-13 06:44 - 000582144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-16 00:35 - 2019-06-13 06:44 - 000251904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-16 00:35 - 2019-06-13 06:43 - 000445952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-16 00:35 - 2019-06-07 12:48 - 000064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-07-16 00:35 - 2019-06-07 12:47 - 000059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-16 00:35 - 2019-06-07 12:10 - 000046080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-16 00:35 - 2019-06-07 07:58 - 000422416 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-07-16 00:35 - 2019-06-07 07:58 - 000076304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-07-16 00:35 - 2019-06-07 07:57 - 000413720 ____C (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-07-16 00:35 - 2019-06-07 07:57 - 000412984 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-16 00:35 - 2019-06-07 07:57 - 000170296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-07-16 00:35 - 2019-06-07 07:57 - 000148280 ____C (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-07-16 00:35 - 2019-06-07 07:46 - 000128792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-07-16 00:35 - 2019-06-07 07:24 - 001361408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-07-16 00:35 - 2019-06-07 07:23 - 000209408 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-07-16 00:35 - 2019-06-07 07:22 - 000233984 ____C (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-07-16 00:35 - 2019-06-07 07:22 - 000216064 ____C (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-07-16 00:35 - 2019-06-07 07:21 - 000154112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-16 00:35 - 2019-06-07 07:20 - 001708544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-07-16 00:35 - 2019-06-07 07:20 - 000726528 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-16 00:35 - 2019-06-07 07:19 - 000369664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-07-16 00:35 - 2019-05-19 00:12 - 001311744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-07-16 00:35 - 2019-05-19 00:12 - 000341504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-07-16 00:35 - 2019-05-19 00:12 - 000241152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-07-16 00:35 - 2019-05-17 14:44 - 000348160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-07-16 00:35 - 2019-05-17 14:25 - 000039424 ____C (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-07-16 00:35 - 2019-05-17 14:24 - 000122368 ____C (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-07-16 00:35 - 2019-05-17 14:23 - 000110080 ____C (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-07-16 00:35 - 2019-05-17 14:22 - 000392192 ____C (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-07-16 00:35 - 2019-05-17 14:22 - 000182784 ____C (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-07-16 00:35 - 2019-05-17 14:21 - 001121792 ____C (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-07-16 00:35 - 2019-05-17 14:21 - 000274944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-07-16 00:35 - 2019-05-17 14:21 - 000221184 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-07-16 00:35 - 2019-05-17 14:20 - 002084864 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-16 00:35 - 2019-05-17 14:07 - 002206424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-07-16 00:35 - 2019-05-17 13:56 - 000344576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-07-16 00:35 - 2019-05-17 13:56 - 000240640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-07-16 00:35 - 2019-05-17 13:55 - 000668160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-07-16 00:35 - 2019-05-17 13:55 - 000470528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-07-16 00:35 - 2019-05-17 13:54 - 002016768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-16 00:35 - 2019-05-17 13:54 - 000908288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-07-16 00:35 - 2019-05-17 11:33 - 001008640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-07-16 00:35 - 2019-05-17 10:52 - 000868864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-07-16 00:35 - 2019-05-17 09:07 - 000105272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-07-16 00:35 - 2019-05-17 08:43 - 000297688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-07-16 00:35 - 2019-05-17 08:42 - 000129088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-07-16 00:35 - 2019-05-17 08:42 - 000125504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-07-16 00:35 - 2019-05-17 08:23 - 000074240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-07-16 00:35 - 2019-05-17 08:23 - 000068096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-07-16 00:35 - 2019-05-17 08:23 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-07-16 00:35 - 2019-05-17 08:22 - 000142848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-07-16 00:35 - 2019-05-17 08:22 - 000031232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-07-16 00:35 - 2019-05-17 08:21 - 000326144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-07-16 00:35 - 2019-05-17 08:21 - 000224768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-07-16 00:35 - 2019-05-17 08:20 - 000366080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-16 00:35 - 2019-05-17 08:20 - 000118272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-07-16 00:35 - 2019-05-17 08:19 - 000873472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-07-16 00:35 - 2019-05-17 08:08 - 000401328 ____C (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-07-16 00:35 - 2019-05-17 08:06 - 001307648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-07-16 00:35 - 2019-05-17 08:06 - 000151888 ____C (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-07-16 00:35 - 2019-05-17 08:00 - 001295360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-07-16 00:35 - 2019-05-17 07:37 - 000185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-07-16 00:35 - 2019-05-17 07:37 - 000108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000228864 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-16 00:35 - 2019-05-17 07:36 - 000115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000096768 ____C (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-07-16 00:35 - 2019-05-17 07:36 - 000034816 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-07-16 00:35 - 2019-05-17 07:35 - 000362496 ____C (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-07-16 00:35 - 2019-05-17 07:34 - 000275456 ____C (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-07-16 00:35 - 2019-05-17 07:34 - 000270336 ____C (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-07-16 00:35 - 2019-05-17 07:34 - 000175104 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-07-16 00:35 - 2019-05-17 07:34 - 000141312 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-07-16 00:35 - 2019-05-17 07:34 - 000047616 ____C (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-07-16 00:35 - 2019-05-17 07:33 - 000270336 ____C (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-07-16 00:35 - 2019-05-17 07:31 - 000466432 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-07-16 00:35 - 2019-05-03 14:13 - 000396088 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-07-16 00:35 - 2019-05-03 13:55 - 000123392 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-16 00:35 - 2019-05-03 13:54 - 000177664 ____C (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-07-16 00:35 - 2019-05-03 13:52 - 000119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-07-16 00:35 - 2019-05-03 13:49 - 000488448 ____C (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-07-16 00:35 - 2019-05-03 13:49 - 000210944 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-07-16 00:35 - 2019-05-03 13:30 - 000138752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-07-16 00:35 - 2019-05-03 13:30 - 000098304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-16 00:35 - 2019-05-03 13:27 - 000176640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-07-16 00:35 - 2019-05-03 13:26 - 000425472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-07-16 00:35 - 2019-05-03 08:43 - 000177128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-07-16 00:35 - 2019-05-03 08:34 - 000159864 ____C (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-07-16 00:35 - 2019-05-03 08:33 - 000063072 ____C (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-07-16 00:35 - 2019-05-03 08:32 - 000438984 ____C (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-07-16 00:35 - 2019-05-03 08:32 - 000164664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-07-16 00:35 - 2019-05-03 08:20 - 000434704 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-07-16 00:35 - 2019-05-03 08:20 - 000384976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-07-16 00:35 - 2019-05-03 08:20 - 000146920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-07-16 00:35 - 2019-05-03 08:19 - 000056288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-07-16 00:35 - 2019-05-03 08:00 - 000120832 ____C (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-07-16 00:35 - 2019-05-03 08:00 - 000099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-07-16 00:35 - 2019-05-03 07:59 - 000204288 ____C (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-07-16 00:35 - 2019-05-03 07:56 - 000773632 ____C (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-07-16 00:35 - 2019-05-03 07:55 - 000659968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-07-16 00:35 - 2019-05-03 07:54 - 000778752 ____C (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-07-16 00:35 - 2019-05-03 07:54 - 000667136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-16 00:35 - 2019-04-19 12:38 - 000058368 ____C (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-07-16 00:35 - 2019-04-19 12:38 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-07-16 00:35 - 2019-04-19 11:30 - 000036864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-07-16 00:35 - 2019-04-19 06:41 - 000095232 ____C (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-07-16 00:35 - 2019-04-19 06:40 - 000342528 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-07-16 00:35 - 2019-04-19 06:40 - 000167936 ____C (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-07-16 00:35 - 2019-04-19 06:40 - 000081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-07-16 00:35 - 2019-04-19 06:39 - 000425472 ____C (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-07-16 00:35 - 2019-04-19 06:39 - 000374784 ____C (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-07-16 00:35 - 2019-04-19 06:38 - 000300544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-07-16 00:35 - 2019-04-19 06:37 - 000221184 ____C (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-07-16 00:35 - 2019-04-19 06:36 - 001300992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-07-16 00:35 - 2019-04-19 06:36 - 000357888 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-16 00:35 - 2019-04-19 06:36 - 000186368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-07-16 00:35 - 2019-04-19 06:35 - 001938944 ____C (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-07-16 00:35 - 2019-04-19 06:35 - 000535040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-07-16 00:35 - 2019-04-19 06:35 - 000312320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-16 00:35 - 2019-04-09 03:48 - 000376320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-07-16 00:01 - 2019-07-15 23:57 - 007025360 ____C (Malwarebytes) C:\Users\Uzivatel\Desktop\adwcleaner_7.3.exe
2019-07-15 23:37 - 2019-07-15 23:38 - 000000000 ___DC C:\rsit
2019-07-15 23:37 - 2019-07-15 23:37 - 000000000 ____D C:\Program Files\trend micro
2019-07-15 23:37 - 2019-07-15 23:33 - 001222144 ____C C:\Users\Uzivatel\Desktop\RSITx64.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-16 09:03 - 2015-08-19 10:45 - 000000000 ___DC C:\FRST
2019-07-16 08:58 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-16 08:58 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-16 08:55 - 2018-05-21 06:44 - 001776048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-16 08:55 - 2018-04-12 17:50 - 000743502 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-16 08:55 - 2018-04-12 17:50 - 000159208 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-16 08:55 - 2013-12-11 22:09 - 000000000 ___DC C:\Program Files (x86)\TeamViewer
2019-07-16 08:53 - 2015-10-13 20:15 - 000000000 ___DC C:\Users\Uzivatel\AppData\Local\Spotify
2019-07-16 08:53 - 2015-10-13 20:11 - 000000000 ___DC C:\Users\Uzivatel\AppData\Roaming\Spotify
2019-07-16 08:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-16 08:50 - 2018-01-06 22:04 - 000000000 ___RD C:\Users\Uzivatel\3D Objects
2019-07-16 08:50 - 2015-11-26 17:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-16 08:49 - 2018-05-21 06:39 - 000619864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-16 08:49 - 2017-10-29 17:37 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-16 08:47 - 2018-05-21 07:07 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2019-07-16 08:47 - 2018-05-20 19:33 - 000251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2019-07-16 01:28 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-16 01:25 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-16 01:24 - 2018-05-21 06:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-16 01:15 - 2018-05-21 07:07 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{530343BF-965E-4F46-B704-C25D7D73F7E4}
2019-07-16 01:08 - 2017-09-30 10:44 - 000000000 ____D C:\Program Files\rempl
2019-07-16 01:07 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-16 01:06 - 2013-07-28 08:54 - 000000000 ___DC C:\WINDOWS\system32\MRT
2019-07-16 00:59 - 2012-05-24 16:11 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-16 00:29 - 2018-03-09 20:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-16 00:25 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-16 00:17 - 2018-05-21 06:45 - 000000000 ____D C:\Users\Uzivatel
2019-07-16 00:05 - 2017-01-12 16:26 - 000000000 ___DC C:\AdwCleaner
2019-07-15 23:40 - 2018-05-21 07:07 - 000003768 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA1d25949cceec550
2019-07-15 23:40 - 2018-05-21 07:07 - 000003500 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core1d25949cccf9d30
2019-07-15 23:40 - 2018-05-21 07:07 - 000003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-15 23:40 - 2018-05-21 07:07 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-15 23:38 - 2010-11-21 05:27 - 000741432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-15 23:35 - 2017-07-11 22:57 - 000000000 ____D C:\Program Files\UNP
2019-07-15 23:20 - 2018-05-21 07:07 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1332348435-3952591356-909228679-1000
2019-07-15 23:19 - 2018-05-21 06:45 - 000002411 _____ C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-15 23:19 - 2015-11-26 17:35 - 000000000 ___RD C:\Users\Uzivatel\OneDrive
2019-07-15 23:18 - 2018-05-21 07:07 - 000004652 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-15 23:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-15 23:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

==================== Files in the root of some directories ================

2013-04-07 21:35 - 2013-04-07 21:35 - 000003492 ____C () C:\Users\Uzivatel\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  
  HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Policies\Explorer: [] 
  Task: {1908DE61-0C6C-4B48-947E-657FED499F33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
  Task: {2B1EB950-A2DD-4E3E-B7D3-9BE755B76E99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
  Task: {5529084B-8B44-4F37-8618-5D9AA35D13FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
  Task: {6AE80B7B-B9FA-4685-8D6E-D0E64D5096EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
  Task: {73CB3203-4EFE-47A1-98CA-827398911A91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
  Task: {8F0D39D5-DCC6-481B-BEEB-B3E812D47E15} - \CCleanerSkipUAC -> No File <==== ATTENTION
  Task: {BA70EFCE-926B-4BCA-BEBB-80F43ADB4A8F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
  Task: {C5C77708-CF62-456E-ACDC-2ACC2A9CC723} - \Rest Comp -> No File <==== ATTENTION
  Task: {CC7C1E1A-EED2-4C43-8834-D68DB288062E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
  Task: {CDE69B64-8CCC-4DD4-9510-FE4AA39E580A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
  Task: {E1881366-DF93-4AAB-A5E0-A513ECDFCE63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
  Task: {EC14783D-33F9-43C6-871D-A9191347EA7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
  Task: {F55A0650-BC6A-44F6-88B8-AB3B779245DC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  Task: {FBDF21E1-B6B4-4E3B-BDC5-34B86975616D} - System32\Tasks\{5C7FCAF9-2EF2-4464-AF3A-B7717FFEC645} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0005 -removeonly
  Task: {FECC2726-8910-4D8F-8FC2-B31BDC4F7CCE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
  HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
  SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = 
  BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
  U3 aspnet_state; no ImagePath
  2019-07-15 23:37 - 2019-07-15 23:38 - 000000000 ___DC C:\rsit
  2019-07-15 23:37 - 2019-07-15 23:37 - 000000000 ____D C:\Program Files\trend micro
  2019-07-15 23:37 - 2019-07-15 23:33 - 001222144 ____C C:\Users\Uzivatel\Desktop\RSITx64.exe
  
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
  CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
  ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Policies\Explorer: []
Task: {1908DE61-0C6C-4B48-947E-657FED499F33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2B1EB950-A2DD-4E3E-B7D3-9BE755B76E99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5529084B-8B44-4F37-8618-5D9AA35D13FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6AE80B7B-B9FA-4685-8D6E-D0E64D5096EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {73CB3203-4EFE-47A1-98CA-827398911A91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8F0D39D5-DCC6-481B-BEEB-B3E812D47E15} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {BA70EFCE-926B-4BCA-BEBB-80F43ADB4A8F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C5C77708-CF62-456E-ACDC-2ACC2A9CC723} - \Rest Comp -> No File <==== ATTENTION
Task: {CC7C1E1A-EED2-4C43-8834-D68DB288062E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CDE69B64-8CCC-4DD4-9510-FE4AA39E580A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E1881366-DF93-4AAB-A5E0-A513ECDFCE63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EC14783D-33F9-43C6-871D-A9191347EA7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F55A0650-BC6A-44F6-88B8-AB3B779245DC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FBDF21E1-B6B4-4E3B-BDC5-34B86975616D} - System32\Tasks\{5C7FCAF9-2EF2-4464-AF3A-B7717FFEC645} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0005 -removeonly
Task: {FECC2726-8910-4D8F-8FC2-B31BDC4F7CCE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL =
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
U3 aspnet_state; no ImagePath
2019-07-15 23:37 - 2019-07-15 23:38 - 000000000 ___DC C:\rsit
2019-07-15 23:37 - 2019-07-15 23:37 - 000000000 ____D C:\Program Files\trend micro
2019-07-15 23:37 - 2019-07-15 23:33 - 001222144 ____C C:\Users\Uzivatel\Desktop\RSITx64.exe

CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

Hosts:
EmptyTemp:
End

To je iba fixlist, ktory som poslal ja. Potrebujem vidiet Fixlog.txt.

omlouvam se

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Uzivatel (administrator) on UZIVATEL-PC (MSI MS-7636) (16-07-2019 09:03:47)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel & UpdatusUser)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.881_none_eada7c8e1d8131a8\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Nullsoft Inc. -> Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes Corporation -> Malwarebytes)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2010-07-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft Inc. -> Nullsoft, Inc.)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-05-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Run: [Google Update] => C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-07-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Run: [Spotify] => C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe [25591712 2019-07-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Policies\Explorer: []
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-19] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-27] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEC67F-7769-454F-95FC-4C2FB3493957} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {00FE8F93-0764-44A7-9687-EC33ED8A799C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0A7CA73B-CE09-43B1-8646-50241A28CCF4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0E762DD3-5712-4DC1-BA6F-00C32E65DFE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {118B69D2-33C5-4094-A75D-281166F567E5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1706F5AA-0BCA-4E59-AFB3-2CFCE23E13C4} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {1908DE61-0C6C-4B48-947E-657FED499F33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1A7C9D86-E208-4D8A-8DBB-2E08C5E84801} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965776 2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {26E437CF-EF1D-49DD-B5E2-715FAF6BE585} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28E2D337-D3E9-4DD1-AE8C-4F233B6D1C4A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA1d25949cceec550 => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {28F79DF2-66E9-471C-9598-2569BBFF5387} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965776 2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AFAAB0F-C222-4826-9BAC-1D90D3B418C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B1EB950-A2DD-4E3E-B7D3-9BE755B76E99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2C88F607-8D75-4BDE-824E-627DD668E296} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E37611B-90CB-4273-BAEA-3907BD099984} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-15] (Adobe Inc. -> Adobe)
Task: {3D502813-D1D2-41CB-ACCC-1FE28968EF83} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527080 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F620358-0C8F-4A4B-819C-687986B8563C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527080 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {4075AA6F-B619-4F0E-B79E-695792318898} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {453E4444-5521-4C7C-ACFD-7CA3E5A0D928} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49584494-56EB-423B-A8EC-11421CEDD3F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-15] (Adobe Inc. -> Adobe)
Task: {5392DF1D-6BC9-4F35-AB03-951A63B496C2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe [1452544 2019-02-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5529084B-8B44-4F37-8618-5D9AA35D13FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {56921D99-D5EB-4500-A4E0-339ED10C7D71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6087E5E2-7BF4-47D6-AAD5-490CCA2B6810} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {69007947-8C1A-40DE-87CA-1F47C8333B99} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6AE80B7B-B9FA-4685-8D6E-D0E64D5096EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {73CB3203-4EFE-47A1-98CA-827398911A91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {764C755F-E027-4C99-AB84-558965911830} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {766FBC1F-4D8C-41B9-971D-00CB352D9284} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7BAC6774-B906-40AE-908E-DD5AC4DB94AA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {850CB7A0-5388-4B3C-8283-A35BFA7B0AF5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417232 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {87DB5543-9A65-4B3B-9886-2D718FB7FB68} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E239226-BB74-4231-9A53-66F9B54E4AE7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [753240 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F0D39D5-DCC6-481B-BEEB-B3E812D47E15} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {921024A5-7579-4DCD-8309-C25CDAE9FB0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {9625759F-C769-4BEA-902F-0AE6F05B1016} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {99F7AF79-FA42-477A-B2F8-13E7B97AF806} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9CCC0D1B-01BF-4B5E-9E01-C304DC4F284D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A2218FDE-1D9E-4D54-8BF7-2982815F9249} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5D2CD9B-7BDF-43C1-8AF6-42B9FABE8F5C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B559D76E-4742-4ED0-91DB-C336C3D1A8EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA70EFCE-926B-4BCA-BEBB-80F43ADB4A8F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BD0CEA1E-E769-4D69-A16F-CCAF532F18CE} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [87336 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0B50F6A-1FC6-4C27-979F-4D500E712D58} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C4B26656-2B6C-4E8F-9A5A-5852D9CABCEE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C5C77708-CF62-456E-ACDC-2ACC2A9CC723} - \Rest Comp -> No File <==== ATTENTION
Task: {C6FA6607-A47C-4216-B187-161EE92ACF84} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C87E6963-DB12-42F6-8A51-45E2675D8C69} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC7C1E1A-EED2-4C43-8834-D68DB288062E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CDE69B64-8CCC-4DD4-9510-FE4AA39E580A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D5BABA95-95CC-498C-A0CE-EF0351426CDD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D622D7A3-C2CD-44E8-8B2D-3A9A1974511F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {D831B67F-3165-4861-B72E-84903D1F8431} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB670137-AE23-4535-BD71-EC3AF03201D2} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {DF71C223-E759-4CE8-9F33-E38DFAFE14AF} - System32\Tasks\{5F6BDC3E-C1FD-4139-8332-059B7896CA87} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\The KMPlayer\KMPSetup.exe" -d "C:\Program Files (x86)\The KMPlayer"
Task: {E036C546-4AAC-4A69-8C23-C00DE671CD87} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {E1881366-DF93-4AAB-A5E0-A513ECDFCE63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E98121B3-A5FA-4F06-9EA6-A022AB174569} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {EAF32249-F2EB-4ECE-A205-09D3A57BFEF1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC14783D-33F9-43C6-871D-A9191347EA7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {ED3225A3-C50E-4AB0-BDA9-AEB25B96801A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417232 2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F336FEF6-EC22-4237-9A77-43A928C19EDF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F55A0650-BC6A-44F6-88B8-AB3B779245DC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FBDF21E1-B6B4-4E3B-BDC5-34B86975616D} - System32\Tasks\{5C7FCAF9-2EF2-4464-AF3A-B7717FFEC645} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0005 -removeonly
Task: {FD04F33A-1616-4DBD-9A86-ED95B1980FAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FD989352-26AB-42A4-9479-5F4B307CF9C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core1d25949cccf9d30 => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {FECC2726-8910-4D8F-8FC2-B31BDC4F7CCE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core.job => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA.job => C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{493e21de-14ec-4508-834b-adbd8b09ae84}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6a1e98de-2bf5-44e2-9cc9-0b402406e9a8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL =
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {105B0D51-56A0-4EE7-A41E-5175BC0BD94D} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {127EE9EC-779D-40E5-9243-A2A97FD46BD1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {214D043C-D6C5-48BE-AE84-444B597BEE5F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {2EF7F36D-EC80-4036-82B7-F48301FC70A6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {61911BF0-6A88-4B48-B28C-1992FABEACFE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {8BC8057A-E3DC-40AB-9E01-A7632B10B382} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid ... arch_12454
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> {A67FA295-C3E3-41A1-9985-8CFA850B874D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default [2016-12-28]
FF Homepage: Mozilla\Firefox\Profiles\9slcp39g.default -> hxxp://mail.ru/cnt/10445?gp=818407
FF Extension: (Firefox Hotfix) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-17] [Legacy]
FF Extension: (Домашняя страница Mail.Ru) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\homepage@mail.ru [2016-12-28] [Legacy]
FF Extension: (Поиск@Mail.Ru) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\search@mail.ru [2016-12-28] [Legacy]
FF Extension: (Визуальные закладки @Mail.Ru) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\9slcp39g.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [2016-12-28] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-15] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-15] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-1332348435-3952591356-909228679-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1332348435-3952591356-909228679-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2019-07-15]
CHR Extension: (Prezentace) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-18]
CHR Extension: (Disk Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (YouTube) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-07]
CHR Extension: (AdBlock) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-06]
CHR Extension: (Gmail) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-18]
CHR Extension: (Chrome Media Router) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-27]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Uzivatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-11-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9677904 2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes Corporation -> Malwarebytes)
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-04-27] (Malwarebytes Corporation -> )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2016-12-28] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2016-12-29] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-29] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2019-07-16] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-16] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-16 09:03 - 2019-07-16 09:07 - 000038964 ____C C:\Users\Uzivatel\Desktop\FRST.txt
2019-07-16 09:02 - 2019-07-16 08:57 - 002095104 ____C (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2019-07-16 08:48 - 2019-05-31 03:57 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-07-16 08:48 - 2019-05-31 03:57 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-16 00:37 - 2019-07-04 11:40 - 021390504 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-16 00:37 - 2019-07-04 11:40 - 001616840 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-16 00:37 - 2019-07-04 11:18 - 003614208 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-16 00:37 - 2019-07-04 10:37 - 002882048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-16 00:37 - 2019-07-04 06:57 - 003292152 ____C (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-16 00:37 - 2019-07-04 06:56 - 009084216 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-16 00:37 - 2019-07-04 06:56 - 007519896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-16 00:37 - 2019-07-04 06:56 - 007436536 ____C (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-16 00:37 - 2019-07-04 06:42 - 006570368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-16 00:37 - 2019-07-04 06:42 - 006044008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-16 00:37 - 2019-07-04 06:37 - 025857536 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-16 00:37 - 2019-07-04 06:33 - 022017536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-16 00:37 - 2019-07-04 06:29 - 022717440 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-16 00:37 - 2019-07-04 06:26 - 004385280 ____C (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-16 00:37 - 2019-07-04 06:25 - 019372544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-16 00:37 - 2019-07-04 06:25 - 007589888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-16 00:37 - 2019-07-04 06:25 - 004861440 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-16 00:37 - 2019-07-04 06:21 - 005784064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-16 00:37 - 2019-06-13 14:04 - 001721144 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-16 00:37 - 2019-06-13 13:42 - 004038688 ____C (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-16 00:37 - 2019-06-13 13:18 - 006586880 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-16 00:37 - 2019-06-13 13:18 - 004847104 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-16 00:37 - 2019-06-13 13:17 - 012756992 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-16 00:37 - 2019-06-13 13:15 - 004718080 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-16 00:37 - 2019-06-13 13:13 - 002920448 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-16 00:37 - 2019-06-13 11:54 - 011942912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-16 00:37 - 2019-06-13 08:47 - 005625160 ____C (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-16 00:37 - 2019-05-17 08:30 - 013878784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-16 00:37 - 2019-05-17 08:19 - 004515840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-07-16 00:37 - 2019-05-17 07:44 - 016597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-16 00:37 - 2019-05-17 07:38 - 004709376 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-16 00:37 - 2019-05-17 07:31 - 004937216 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-07-16 00:37 - 2019-05-03 08:01 - 008189440 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-07-16 00:36 - 2019-07-04 11:40 - 001631808 ____C (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-16 00:36 - 2019-07-04 11:40 - 000790416 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-16 00:36 - 2019-07-04 11:21 - 008627200 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-16 00:36 - 2019-07-04 11:20 - 001609216 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-16 00:36 - 2019-07-04 11:19 - 000420864 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-16 00:36 - 2019-07-04 11:18 - 001663488 ____C (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-16 00:36 - 2019-07-04 10:56 - 001453416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-16 00:36 - 2019-07-04 10:54 - 000662352 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-16 00:36 - 2019-07-04 10:51 - 020384128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-16 00:36 - 2019-07-04 10:41 - 007990784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-16 00:36 - 2019-07-04 10:36 - 001471488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-16 00:36 - 2019-07-04 07:00 - 001035040 ____C (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-16 00:36 - 2019-07-04 06:58 - 001328440 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-16 00:36 - 2019-07-04 06:58 - 001219896 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 001027384 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 000986128 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 000776784 ____C (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-16 00:36 - 2019-07-04 06:57 - 000723728 ____C (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-16 00:36 - 2019-07-04 06:57 - 000708696 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-16 00:36 - 2019-07-04 06:57 - 000568104 ____C (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-16 00:36 - 2019-07-04 06:57 - 000362264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 002810680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-16 00:36 - 2019-07-04 06:56 - 002571640 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 001566520 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 001459120 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-16 00:36 - 2019-07-04 06:56 - 001260776 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-16 00:36 - 2019-07-04 06:56 - 001141496 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-16 00:36 - 2019-07-04 06:56 - 000983936 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-16 00:36 - 2019-07-04 06:56 - 000767536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 000734952 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 000713272 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-16 00:36 - 2019-07-04 06:56 - 000604984 ____C (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-16 00:36 - 2019-07-04 06:56 - 000493752 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-16 00:36 - 2019-07-04 06:43 - 000832016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-16 00:36 - 2019-07-04 06:43 - 000665440 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-16 00:36 - 2019-07-04 06:43 - 000287376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 002479176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 001980984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 001427768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 000573808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-16 00:36 - 2019-07-04 06:42 - 000356312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-16 00:36 - 2019-07-04 06:41 - 000559328 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-16 00:36 - 2019-07-04 06:26 - 000310272 ____C (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-16 00:36 - 2019-07-04 06:25 - 003401216 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-16 00:36 - 2019-07-04 06:25 - 000295424 ____C (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-16 00:36 - 2019-07-04 06:24 - 000567808 ____C (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-16 00:36 - 2019-07-04 06:24 - 000153600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-16 00:36 - 2019-07-04 06:23 - 001765888 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-16 00:36 - 2019-07-04 06:23 - 001217536 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 003707904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 002587648 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 002176000 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 001561088 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 001549824 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-16 00:36 - 2019-07-04 06:22 - 001175552 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 005307392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 003202560 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 002166784 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-16 00:36 - 2019-07-04 06:21 - 001920000 ____C (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-16 00:36 - 2019-07-04 06:21 - 001220608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-16 00:36 - 2019-07-04 06:20 - 001156608 ____C (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-16 00:36 - 2019-07-04 06:20 - 000544256 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-16 00:36 - 2019-07-04 06:20 - 000392704 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-16 00:36 - 2019-07-04 06:19 - 000886272 ____C (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-16 00:36 - 2019-07-04 06:18 - 002602496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-16 00:36 - 2019-07-04 06:18 - 000953344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-16 00:36 - 2019-07-04 06:17 - 000531968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-16 00:36 - 2019-06-13 14:15 - 000324408 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-16 00:36 - 2019-06-13 14:12 - 002871848 ____C (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-16 00:36 - 2019-06-13 14:05 - 000810296 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-16 00:36 - 2019-06-13 14:00 - 000464696 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-16 00:36 - 2019-06-13 13:59 - 000740664 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-16 00:36 - 2019-06-13 13:58 - 000637752 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-16 00:36 - 2019-06-13 13:58 - 000071480 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-16 00:36 - 2019-06-13 13:56 - 000164152 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-16 00:36 - 2019-06-13 13:43 - 001048480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-16 00:36 - 2019-06-13 13:42 - 000566536 ____C (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-16 00:36 - 2019-06-13 13:40 - 000540984 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-16 00:36 - 2019-06-13 13:38 - 000766264 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-16 00:36 - 2019-06-13 13:36 - 000251000 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-16 00:36 - 2019-06-13 13:35 - 001376688 ____C (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-16 00:36 - 2019-06-13 13:16 - 000767488 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-16 00:36 - 2019-06-13 13:14 - 001127936 ____C (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-16 00:36 - 2019-06-13 13:14 - 000900096 ____C (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-16 00:36 - 2019-06-13 13:14 - 000346624 ____C (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-16 00:36 - 2019-06-13 13:13 - 001339392 ____C (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-16 00:36 - 2019-06-13 13:13 - 000951808 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-16 00:36 - 2019-06-13 13:13 - 000765440 ____C (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-16 00:36 - 2019-06-13 12:07 - 001027008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-16 00:36 - 2019-06-13 12:07 - 000660496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-16 00:36 - 2019-06-13 12:05 - 003700160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-16 00:36 - 2019-06-13 11:55 - 005657088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-16 00:36 - 2019-06-13 11:51 - 000622080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-16 00:36 - 2019-06-13 11:50 - 000896512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-16 00:36 - 2019-06-13 11:49 - 002406400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-16 00:36 - 2019-06-13 09:46 - 000713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-16 00:36 - 2019-06-13 09:01 - 000513336 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-16 00:36 - 2019-06-13 09:01 - 000511288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-16 00:36 - 2019-06-13 08:59 - 000785264 ____C (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-16 00:36 - 2019-06-13 08:47 - 001063224 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-16 00:36 - 2019-06-13 08:46 - 001076536 ____C (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-16 00:36 - 2019-06-13 08:46 - 000510296 ____C (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-16 00:36 - 2019-06-13 08:46 - 000093984 ____C (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-16 00:36 - 2019-06-13 08:45 - 002421560 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-16 00:36 - 2019-06-13 08:44 - 002769688 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 002546704 ____C (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 001098272 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 001033696 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 000607112 ____C (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 000545808 ____C (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-16 00:36 - 2019-06-13 08:44 - 000130624 ____C (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-16 00:36 - 2019-06-13 08:16 - 001626112 ____C (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-16 00:36 - 2019-06-13 08:15 - 000433152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-16 00:36 - 2019-06-13 08:14 - 003318784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-16 00:36 - 2019-06-13 08:14 - 000361472 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-16 00:36 - 2019-06-13 08:14 - 000302080 ____C (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-16 00:36 - 2019-06-13 08:13 - 004771840 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-16 00:36 - 2019-06-13 08:13 - 002370048 ____C (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-16 00:36 - 2019-06-13 08:13 - 000322560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-16 00:36 - 2019-06-13 08:13 - 000110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000916480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000894464 ____C (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000808448 ____C (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000624640 ____C (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-16 00:36 - 2019-06-13 08:12 - 000532992 ____C (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 002912256 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 001400832 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 001215488 ____C (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000871424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000869376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000849408 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-16 00:36 - 2019-06-13 08:10 - 000523776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-16 00:36 - 2019-06-13 08:09 - 001854976 ____C (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-16 00:36 - 2019-06-13 08:09 - 000922112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-16 00:36 - 2019-06-13 08:08 - 000506368 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-16 00:36 - 2019-06-13 07:14 - 000415544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-16 00:36 - 2019-06-13 07:08 - 000443632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-16 00:36 - 2019-06-13 07:07 - 000080744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-16 00:36 - 2019-06-13 07:06 - 002256768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-16 00:36 - 2019-06-13 07:06 - 001130776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-16 00:36 - 2019-06-13 07:06 - 000581600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-16 00:36 - 2019-06-13 06:47 - 003554304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-16 00:36 - 2019-06-13 06:47 - 002899456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-16 00:36 - 2019-06-13 06:46 - 000608768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-16 00:36 - 2019-06-13 06:46 - 000331776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-16 00:36 - 2019-06-13 06:44 - 001003008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-16 00:36 - 2019-06-13 06:44 - 000648192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-16 00:36 - 2019-06-13 06:44 - 000630784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-16 00:36 - 2019-06-13 06:43 - 000681472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-16 00:36 - 2019-06-13 06:43 - 000646656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-16 00:36 - 2019-06-07 12:41 - 004055552 ____C (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-07-16 00:36 - 2019-06-07 12:40 - 001364992 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-07-16 00:36 - 2019-06-07 12:04 - 004056064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-07-16 00:36 - 2019-06-07 08:07 - 000707384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-07-16 00:36 - 2019-06-07 07:57 - 002719032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-07-16 00:36 - 2019-06-07 07:57 - 001934808 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-16 00:36 - 2019-06-07 07:57 - 001209696 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-16 00:36 - 2019-06-07 07:57 - 000792888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-16 00:36 - 2019-06-07 07:57 - 000594024 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-16 00:36 - 2019-06-07 07:57 - 000435000 ____C (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-07-16 00:36 - 2019-06-07 07:57 - 000383504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-07-16 00:36 - 2019-06-07 07:47 - 000380432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-07-16 00:36 - 2019-06-07 07:46 - 001805656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-07-16 00:36 - 2019-06-07 07:46 - 001011872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-07-16 00:36 - 2019-06-07 07:23 - 000561152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-07-16 00:36 - 2019-06-07 07:21 - 000473600 ____C (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-07-16 00:36 - 2019-06-07 07:19 - 000778240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-07-16 00:36 - 2019-06-07 07:18 - 000686592 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-16 00:36 - 2019-06-07 07:17 - 000961024 ____C (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-16 00:36 - 2019-06-07 07:17 - 000889344 ____C (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-07-16 00:36 - 2019-06-07 07:16 - 000900096 ____C (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-07-16 00:36 - 2019-06-07 07:16 - 000478720 ____C (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-07-16 00:36 - 2019-05-19 00:12 - 000353280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-07-16 00:36 - 2019-05-17 14:40 - 002394960 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-07-16 00:36 - 2019-05-17 14:25 - 004491264 ____C (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-07-16 00:36 - 2019-05-17 14:21 - 001180672 ____C (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-16 00:36 - 2019-05-17 14:21 - 000878592 ____C (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-07-16 00:36 - 2019-05-17 14:19 - 000757248 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-07-16 00:36 - 2019-05-17 13:58 - 003397632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-07-16 00:36 - 2019-05-17 13:55 - 000704000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-07-16 00:36 - 2019-05-17 08:44 - 000829960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-07-16 00:36 - 2019-05-17 08:44 - 000550520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 004789944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 001989552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 001620264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-07-16 00:36 - 2019-05-17 08:42 - 001380096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-07-16 00:36 - 2019-05-17 08:26 - 002969600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-16 00:36 - 2019-05-17 08:19 - 001630720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-16 00:36 - 2019-05-17 08:19 - 001110528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-07-16 00:36 - 2019-05-17 08:19 - 000835584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-07-16 00:36 - 2019-05-17 08:18 - 002796032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-07-16 00:36 - 2019-05-17 08:18 - 001006592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-07-16 00:36 - 2019-05-17 08:08 - 000491200 ____C (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 004404720 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 002467320 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 001288712 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 000930616 ____C (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-07-16 00:36 - 2019-05-17 08:07 - 000275768 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-07-16 00:36 - 2019-05-17 08:07 - 000260800 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-16 00:36 - 2019-05-17 08:06 - 001943136 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-16 00:36 - 2019-05-17 08:06 - 001784696 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-07-16 00:36 - 2019-05-17 08:04 - 001826816 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-07-16 00:36 - 2019-05-17 07:34 - 001804288 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-07-16 00:36 - 2019-05-17 07:34 - 000671744 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-07-16 00:36 - 2019-05-17 07:33 - 003091456 ____C (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-07-16 00:36 - 2019-05-17 07:33 - 001487360 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-07-16 00:36 - 2019-05-17 07:33 - 000787968 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-07-16 00:36 - 2019-05-17 07:32 - 001070080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-07-16 00:36 - 2019-05-17 07:32 - 000815104 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 003376640 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 003293184 ____C (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001805312 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001383424 ____C (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001211904 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 001027584 ____C (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-07-16 00:36 - 2019-05-17 07:31 - 000620032 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-16 00:36 - 2019-05-17 07:30 - 000917504 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-07-16 00:36 - 2019-05-17 07:30 - 000276992 ____C (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-07-16 00:36 - 2019-05-03 13:49 - 001288704 ____C (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-07-16 00:36 - 2019-05-03 08:32 - 000493880 ____C (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-07-16 00:36 - 2019-05-03 08:00 - 006661632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-07-16 00:36 - 2019-05-03 07:54 - 000845824 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-16 00:36 - 2019-05-03 07:54 - 000776192 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-07-16 00:36 - 2019-05-03 07:54 - 000669184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-07-16 00:36 - 2019-05-03 07:53 - 000204800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-07-16 00:36 - 2019-05-03 07:53 - 000186880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-07-16 00:36 - 2019-05-03 07:53 - 000184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-07-16 00:36 - 2019-05-03 07:53 - 000181760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-07-16 00:36 - 2019-04-19 12:54 - 000720200 ____C (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-07-16 00:36 - 2019-04-19 12:34 - 000522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-07-16 00:36 - 2019-04-19 11:37 - 000607960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-07-16 00:36 - 2019-04-19 11:25 - 000423936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-07-16 00:36 - 2019-04-19 07:06 - 000798520 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-07-16 00:36 - 2019-04-19 07:01 - 000576016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-07-16 00:36 - 2019-04-19 06:43 - 000150016 ____C (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-07-16 00:36 - 2019-04-19 06:40 - 000243712 ____C (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-07-16 00:36 - 2019-04-19 06:38 - 000593408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-07-16 00:36 - 2019-04-19 06:38 - 000304128 ____C (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-07-16 00:36 - 2019-04-19 06:37 - 000397312 ____C (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-07-16 00:36 - 2019-04-19 06:37 - 000381952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-07-16 00:36 - 2019-04-19 06:36 - 000827392 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-07-16 00:36 - 2019-04-19 06:36 - 000546816 ____C (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-07-16 00:36 - 2019-04-19 06:35 - 001458688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-07-16 00:36 - 2019-04-19 06:35 - 000784896 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-07-16 00:36 - 2019-04-19 06:34 - 000935936 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-07-16 00:36 - 2019-04-19 06:34 - 000653312 ____C (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-07-16 00:36 - 2019-04-19 05:18 - 000806360 ____C C:\WINDOWS\SysWOW64\locale.nls
2019-07-16 00:36 - 2019-04-19 05:18 - 000806360 ____C C:\WINDOWS\system32\locale.nls
2019-07-16 00:35 - 2019-07-04 11:43 - 000094008 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-16 00:35 - 2019-07-04 11:22 - 000131072 ____C (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-16 00:35 - 2019-07-04 11:22 - 000128000 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-16 00:35 - 2019-07-04 06:58 - 000416312 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-16 00:35 - 2019-07-04 06:58 - 000192824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-16 00:35 - 2019-07-04 06:57 - 000209424 ____C (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-16 00:35 - 2019-07-04 06:57 - 000194360 ____C (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-16 00:35 - 2019-07-04 06:57 - 000137656 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-16 00:35 - 2019-07-04 06:57 - 000134968 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-16 00:35 - 2019-07-04 06:57 - 000091776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-16 00:35 - 2019-07-04 06:56 - 000115512 ____C (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-16 00:35 - 2019-07-04 06:43 - 000328696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-16 00:35 - 2019-07-04 06:43 - 000191800 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-16 00:35 - 2019-07-04 06:42 - 000097272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-16 00:35 - 2019-07-04 06:26 - 000051200 ____C (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-16 00:35 - 2019-07-04 06:25 - 000079872 ____C (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-16 00:35 - 2019-07-04 06:24 - 000726528 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-16 00:35 - 2019-07-04 06:24 - 000462336 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-16 00:35 - 2019-07-04 06:23 - 000786432 ____C (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-16 00:35 - 2019-07-04 06:22 - 000300544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-16 00:35 - 2019-07-04 06:22 - 000110592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-16 00:35 - 2019-07-04 06:22 - 000032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-16 00:35 - 2019-07-04 06:21 - 000324096 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-16 00:35 - 2019-07-04 06:21 - 000124416 ____C (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-16 00:35 - 2019-07-04 06:21 - 000059392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-16 00:35 - 2019-07-04 06:20 - 000330752 ____C (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-16 00:35 - 2019-07-04 06:19 - 000230912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-16 00:35 - 2019-07-04 06:18 - 001076224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-16 00:35 - 2019-07-04 06:18 - 000965632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-16 00:35 - 2019-07-04 06:18 - 000275968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-16 00:35 - 2019-07-04 05:01 - 000001312 ____C C:\WINDOWS\system32\tcbres.wim
2019-07-16 00:35 - 2019-06-21 10:50 - 000280584 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-16 00:35 - 2019-06-13 13:37 - 000101192 ____C (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-16 00:35 - 2019-06-13 13:36 - 000236520 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-16 00:35 - 2019-06-13 13:34 - 000146888 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-16 00:35 - 2019-06-13 13:17 - 000178176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-16 00:35 - 2019-06-13 13:17 - 000115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-16 00:35 - 2019-06-13 13:17 - 000109056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-16 00:35 - 2019-06-13 13:17 - 000093184 ____C (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-16 00:35 - 2019-06-13 13:15 - 000041984 ____C (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-16 00:35 - 2019-06-13 13:14 - 000246272 ____C (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-16 00:35 - 2019-06-13 13:13 - 000181248 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-16 00:35 - 2019-06-13 13:12 - 000394240 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-16 00:35 - 2019-06-13 13:10 - 000239104 ____C (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-16 00:35 - 2019-06-13 12:07 - 000221232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-16 00:35 - 2019-06-13 11:54 - 000151552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-16 00:35 - 2019-06-13 11:53 - 000089600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-16 00:35 - 2019-06-13 11:49 - 000371200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-16 00:35 - 2019-06-13 09:48 - 000677376 ____C (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-16 00:35 - 2019-06-13 09:01 - 000036152 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-16 00:35 - 2019-06-13 08:17 - 000106496 ____C (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-16 00:35 - 2019-06-13 08:16 - 000140288 ____C (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-16 00:35 - 2019-06-13 08:15 - 000514560 ____C (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-16 00:35 - 2019-06-13 08:15 - 000204288 ____C (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-16 00:35 - 2019-06-13 08:15 - 000137728 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-16 00:35 - 2019-06-13 08:15 - 000083456 ____C (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-16 00:35 - 2019-06-13 08:14 - 000409088 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-16 00:35 - 2019-06-13 08:13 - 000761344 ____C (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-16 00:35 - 2019-06-13 08:12 - 000501248 ____C (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-16 00:35 - 2019-06-13 08:11 - 000508416 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-16 00:35 - 2019-06-13 08:11 - 000271872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-16 00:35 - 2019-06-13 08:11 - 000048128 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-16 00:35 - 2019-06-13 08:09 - 000755712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-16 00:35 - 2019-06-13 07:07 - 000101192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-16 00:35 - 2019-06-13 06:49 - 000172544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-16 00:35 - 2019-06-13 06:47 - 000450048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-16 00:35 - 2019-06-13 06:46 - 000038400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-16 00:35 - 2019-06-13 06:45 - 000602112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-16 00:35 - 2019-06-13 06:45 - 000578560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-16 00:35 - 2019-06-13 06:44 - 000582144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-16 00:35 - 2019-06-13 06:44 - 000251904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-16 00:35 - 2019-06-13 06:43 - 000445952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-16 00:35 - 2019-06-07 12:48 - 000064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-07-16 00:35 - 2019-06-07 12:47 - 000059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-16 00:35 - 2019-06-07 12:10 - 000046080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-16 00:35 - 2019-06-07 07:58 - 000422416 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-07-16 00:35 - 2019-06-07 07:58 - 000076304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-07-16 00:35 - 2019-06-07 07:57 - 000413720 ____C (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-07-16 00:35 - 2019-06-07 07:57 - 000412984 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-16 00:35 - 2019-06-07 07:57 - 000170296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-07-16 00:35 - 2019-06-07 07:57 - 000148280 ____C (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-07-16 00:35 - 2019-06-07 07:46 - 000128792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-07-16 00:35 - 2019-06-07 07:24 - 001361408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-07-16 00:35 - 2019-06-07 07:23 - 000209408 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-07-16 00:35 - 2019-06-07 07:22 - 000233984 ____C (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-07-16 00:35 - 2019-06-07 07:22 - 000216064 ____C (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-07-16 00:35 - 2019-06-07 07:21 - 000154112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-16 00:35 - 2019-06-07 07:20 - 001708544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-07-16 00:35 - 2019-06-07 07:20 - 000726528 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-16 00:35 - 2019-06-07 07:19 - 000369664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-07-16 00:35 - 2019-05-19 00:12 - 001311744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-07-16 00:35 - 2019-05-19 00:12 - 000341504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-07-16 00:35 - 2019-05-19 00:12 - 000241152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-07-16 00:35 - 2019-05-17 14:44 - 000348160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-07-16 00:35 - 2019-05-17 14:25 - 000039424 ____C (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-07-16 00:35 - 2019-05-17 14:24 - 000122368 ____C (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-07-16 00:35 - 2019-05-17 14:23 - 000110080 ____C (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-07-16 00:35 - 2019-05-17 14:22 - 000392192 ____C (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-07-16 00:35 - 2019-05-17 14:22 - 000182784 ____C (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-07-16 00:35 - 2019-05-17 14:21 - 001121792 ____C (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-07-16 00:35 - 2019-05-17 14:21 - 000274944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-07-16 00:35 - 2019-05-17 14:21 - 000221184 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-07-16 00:35 - 2019-05-17 14:20 - 002084864 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-16 00:35 - 2019-05-17 14:07 - 002206424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-07-16 00:35 - 2019-05-17 13:56 - 000344576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-07-16 00:35 - 2019-05-17 13:56 - 000240640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-07-16 00:35 - 2019-05-17 13:55 - 000668160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-07-16 00:35 - 2019-05-17 13:55 - 000470528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-07-16 00:35 - 2019-05-17 13:54 - 002016768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-16 00:35 - 2019-05-17 13:54 - 000908288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-07-16 00:35 - 2019-05-17 11:33 - 001008640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-07-16 00:35 - 2019-05-17 10:52 - 000868864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-07-16 00:35 - 2019-05-17 09:07 - 000105272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-07-16 00:35 - 2019-05-17 08:43 - 000297688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-07-16 00:35 - 2019-05-17 08:42 - 000129088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-07-16 00:35 - 2019-05-17 08:42 - 000125504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-07-16 00:35 - 2019-05-17 08:23 - 000074240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-07-16 00:35 - 2019-05-17 08:23 - 000068096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-07-16 00:35 - 2019-05-17 08:23 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-07-16 00:35 - 2019-05-17 08:22 - 000142848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-07-16 00:35 - 2019-05-17 08:22 - 000031232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-07-16 00:35 - 2019-05-17 08:21 - 000326144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-07-16 00:35 - 2019-05-17 08:21 - 000224768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-07-16 00:35 - 2019-05-17 08:20 - 000366080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-16 00:35 - 2019-05-17 08:20 - 000118272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-07-16 00:35 - 2019-05-17 08:19 - 000873472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-07-16 00:35 - 2019-05-17 08:08 - 000401328 ____C (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-07-16 00:35 - 2019-05-17 08:06 - 001307648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-07-16 00:35 - 2019-05-17 08:06 - 000151888 ____C (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-07-16 00:35 - 2019-05-17 08:00 - 001295360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-07-16 00:35 - 2019-05-17 07:37 - 000185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-07-16 00:35 - 2019-05-17 07:37 - 000108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000228864 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-16 00:35 - 2019-05-17 07:36 - 000115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000096768 ____C (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-07-16 00:35 - 2019-05-17 07:36 - 000034816 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-07-16 00:35 - 2019-05-17 07:36 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-07-16 00:35 - 2019-05-17 07:35 - 000362496 ____C (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-07-16 00:35 - 2019-05-17 07:34 - 000275456 ____C (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-07-16 00:35 - 2019-05-17 07:34 - 000270336 ____C (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-07-16 00:35 - 2019-05-17 07:34 - 000175104 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-07-16 00:35 - 2019-05-17 07:34 - 000141312 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-07-16 00:35 - 2019-05-17 07:34 - 000047616 ____C (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-07-16 00:35 - 2019-05-17 07:33 - 000270336 ____C (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-07-16 00:35 - 2019-05-17 07:31 - 000466432 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-07-16 00:35 - 2019-05-03 14:13 - 000396088 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-07-16 00:35 - 2019-05-03 13:55 - 000123392 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-16 00:35 - 2019-05-03 13:54 - 000177664 ____C (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-07-16 00:35 - 2019-05-03 13:52 - 000119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-07-16 00:35 - 2019-05-03 13:49 - 000488448 ____C (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-07-16 00:35 - 2019-05-03 13:49 - 000210944 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-07-16 00:35 - 2019-05-03 13:30 - 000138752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-07-16 00:35 - 2019-05-03 13:30 - 000098304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-16 00:35 - 2019-05-03 13:27 - 000176640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-07-16 00:35 - 2019-05-03 13:26 - 000425472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-07-16 00:35 - 2019-05-03 08:43 - 000177128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-07-16 00:35 - 2019-05-03 08:34 - 000159864 ____C (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-07-16 00:35 - 2019-05-03 08:33 - 000063072 ____C (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-07-16 00:35 - 2019-05-03 08:32 - 000438984 ____C (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-07-16 00:35 - 2019-05-03 08:32 - 000164664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-07-16 00:35 - 2019-05-03 08:20 - 000434704 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-07-16 00:35 - 2019-05-03 08:20 - 000384976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-07-16 00:35 - 2019-05-03 08:20 - 000146920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-07-16 00:35 - 2019-05-03 08:19 - 000056288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-07-16 00:35 - 2019-05-03 08:00 - 000120832 ____C (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-07-16 00:35 - 2019-05-03 08:00 - 000099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-07-16 00:35 - 2019-05-03 07:59 - 000204288 ____C (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-07-16 00:35 - 2019-05-03 07:56 - 000773632 ____C (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-07-16 00:35 - 2019-05-03 07:55 - 000659968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-07-16 00:35 - 2019-05-03 07:54 - 000778752 ____C (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-07-16 00:35 - 2019-05-03 07:54 - 000667136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-16 00:35 - 2019-04-19 12:38 - 000058368 ____C (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-07-16 00:35 - 2019-04-19 12:38 - 000040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-07-16 00:35 - 2019-04-19 11:30 - 000036864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-07-16 00:35 - 2019-04-19 06:41 - 000095232 ____C (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-07-16 00:35 - 2019-04-19 06:40 - 000342528 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-07-16 00:35 - 2019-04-19 06:40 - 000167936 ____C (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-07-16 00:35 - 2019-04-19 06:40 - 000081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-07-16 00:35 - 2019-04-19 06:39 - 000425472 ____C (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-07-16 00:35 - 2019-04-19 06:39 - 000374784 ____C (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-07-16 00:35 - 2019-04-19 06:38 - 000300544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-07-16 00:35 - 2019-04-19 06:37 - 000221184 ____C (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-07-16 00:35 - 2019-04-19 06:36 - 001300992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-07-16 00:35 - 2019-04-19 06:36 - 000357888 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-16 00:35 - 2019-04-19 06:36 - 000186368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-07-16 00:35 - 2019-04-19 06:35 - 001938944 ____C (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-07-16 00:35 - 2019-04-19 06:35 - 000535040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-07-16 00:35 - 2019-04-19 06:35 - 000312320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-16 00:35 - 2019-04-09 03:48 - 000376320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-07-16 00:01 - 2019-07-15 23:57 - 007025360 ____C (Malwarebytes) C:\Users\Uzivatel\Desktop\adwcleaner_7.3.exe
2019-07-15 23:37 - 2019-07-15 23:38 - 000000000 ___DC C:\rsit
2019-07-15 23:37 - 2019-07-15 23:37 - 000000000 ____D C:\Program Files\trend micro
2019-07-15 23:37 - 2019-07-15 23:33 - 001222144 ____C C:\Users\Uzivatel\Desktop\RSITx64.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-16 09:03 - 2015-08-19 10:45 - 000000000 ___DC C:\FRST
2019-07-16 08:58 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-16 08:58 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-16 08:55 - 2018-05-21 06:44 - 001776048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-16 08:55 - 2018-04-12 17:50 - 000743502 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-16 08:55 - 2018-04-12 17:50 - 000159208 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-16 08:55 - 2013-12-11 22:09 - 000000000 ___DC C:\Program Files (x86)\TeamViewer
2019-07-16 08:53 - 2015-10-13 20:15 - 000000000 ___DC C:\Users\Uzivatel\AppData\Local\Spotify
2019-07-16 08:53 - 2015-10-13 20:11 - 000000000 ___DC C:\Users\Uzivatel\AppData\Roaming\Spotify
2019-07-16 08:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-16 08:50 - 2018-01-06 22:04 - 000000000 ___RD C:\Users\Uzivatel\3D Objects
2019-07-16 08:50 - 2015-11-26 17:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-16 08:49 - 2018-05-21 06:39 - 000619864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-16 08:49 - 2017-10-29 17:37 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-16 08:47 - 2018-05-21 07:07 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2019-07-16 08:47 - 2018-05-20 19:33 - 000251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2019-07-16 01:28 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-16 01:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-16 01:25 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-16 01:24 - 2018-05-21 06:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-16 01:15 - 2018-05-21 07:07 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{530343BF-965E-4F46-B704-C25D7D73F7E4}
2019-07-16 01:08 - 2017-09-30 10:44 - 000000000 ____D C:\Program Files\rempl
2019-07-16 01:07 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-16 01:06 - 2013-07-28 08:54 - 000000000 ___DC C:\WINDOWS\system32\MRT
2019-07-16 00:59 - 2012-05-24 16:11 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-16 00:29 - 2018-03-09 20:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-16 00:25 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-16 00:17 - 2018-05-21 06:45 - 000000000 ____D C:\Users\Uzivatel
2019-07-16 00:05 - 2017-01-12 16:26 - 000000000 ___DC C:\AdwCleaner
2019-07-15 23:40 - 2018-05-21 07:07 - 000003768 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000UA1d25949cceec550
2019-07-15 23:40 - 2018-05-21 07:07 - 000003500 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1332348435-3952591356-909228679-1000Core1d25949cccf9d30
2019-07-15 23:40 - 2018-05-21 07:07 - 000003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-15 23:40 - 2018-05-21 07:07 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-15 23:38 - 2010-11-21 05:27 - 000741432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-15 23:35 - 2017-07-11 22:57 - 000000000 ____D C:\Program Files\UNP
2019-07-15 23:20 - 2018-05-21 07:07 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1332348435-3952591356-909228679-1000
2019-07-15 23:19 - 2018-05-21 06:45 - 000002411 _____ C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-15 23:19 - 2015-11-26 17:35 - 000000000 ___RD C:\Users\Uzivatel\OneDrive
2019-07-15 23:18 - 2018-05-21 07:07 - 000004652 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-15 23:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-15 23:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

==================== Files in the root of some directories ================

2013-04-07 21:35 - 2013-04-07 21:35 - 000003492 ____C () C:\Users\Uzivatel\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Toto je zas FRST.txt Postupuj este raz podla tohto prispevku: https://forum.viry.cz/viewtopic.php?p=1522999#p1522999

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Uzivatel (17-07-2019 17:27:12) Run:2
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

HKU\S-1-5-21-1332348435-3952591356-909228679-1000\...\Policies\Explorer: []
Task: {1908DE61-0C6C-4B48-947E-657FED499F33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2B1EB950-A2DD-4E3E-B7D3-9BE755B76E99} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5529084B-8B44-4F37-8618-5D9AA35D13FC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6AE80B7B-B9FA-4685-8D6E-D0E64D5096EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {73CB3203-4EFE-47A1-98CA-827398911A91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8F0D39D5-DCC6-481B-BEEB-B3E812D47E15} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {BA70EFCE-926B-4BCA-BEBB-80F43ADB4A8F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C5C77708-CF62-456E-ACDC-2ACC2A9CC723} - \Rest Comp -> No File <==== ATTENTION
Task: {CC7C1E1A-EED2-4C43-8834-D68DB288062E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CDE69B64-8CCC-4DD4-9510-FE4AA39E580A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E1881366-DF93-4AAB-A5E0-A513ECDFCE63} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EC14783D-33F9-43C6-871D-A9191347EA7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F55A0650-BC6A-44F6-88B8-AB3B779245DC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FBDF21E1-B6B4-4E3B-BDC5-34B86975616D} - System32\Tasks\{5C7FCAF9-2EF2-4464-AF3A-B7717FFEC645} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0005 -removeonly
Task: {FECC2726-8910-4D8F-8FC2-B31BDC4F7CCE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1332348435-3952591356-909228679-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL =
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
U3 aspnet_state; no ImagePath
2019-07-15 23:37 - 2019-07-15 23:38 - 000000000 ___DC C:\rsit
2019-07-15 23:37 - 2019-07-15 23:37 - 000000000 ____D C:\Program Files\trend micro
2019-07-15 23:37 - 2019-07-15 23:33 - 001222144 ____C C:\Users\Uzivatel\Desktop\RSITx64.exe

CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 39
Average :
Sum : 43315880
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1908DE61-0C6C-4B48-947E-657FED499F33}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B1EB950-A2DD-4E3E-B7D3-9BE755B76E99}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5529084B-8B44-4F37-8618-5D9AA35D13FC}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AE80B7B-B9FA-4685-8D6E-D0E64D5096EE}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73CB3203-4EFE-47A1-98CA-827398911A91}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F0D39D5-DCC6-481B-BEEB-B3E812D47E15}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA70EFCE-926B-4BCA-BEBB-80F43ADB4A8F}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C77708-CF62-456E-ACDC-2ACC2A9CC723}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Rest Comp" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC7C1E1A-EED2-4C43-8834-D68DB288062E}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDE69B64-8CCC-4DD4-9510-FE4AA39E580A}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1881366-DF93-4AAB-A5E0-A513ECDFCE63}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC14783D-33F9-43C6-871D-A9191347EA7D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F55A0650-BC6A-44F6-88B8-AB3B779245DC}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBDF21E1-B6B4-4E3B-BDC5-34B86975616D}" => not found
"C:\WINDOWS\System32\Tasks\{5C7FCAF9-2EF2-4464-AF3A-B7717FFEC645}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5C7FCAF9-2EF2-4464-AF3A-B7717FFEC645}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FECC2726-8910-4D8F-8FC2-B31BDC4F7CCE}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-1332348435-3952591356-909228679-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => not found
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => not found
aspnet_state => service not found.
"C:\rsit" => not found
"C:\Program Files\trend micro" => not found
"C:\Users\Uzivatel\Desktop\RSITx64.exe" => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => not found
HKU\S-1-5-21-1332348435-3952591356-909228679-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => not found
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => not found
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => not found
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8460492 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 182337 B
Edge => 0 B
Chrome => 9710429 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 4500 B
NetworkService => 0 B
Uzivatel => 14396814 B
UpdatusUser => 0 B

RecycleBin => 17750 B
EmptyTemp: => 40.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:28:56 ====

OK. Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

pořád mi jede disk na 100% výkonu

Otvor Spravcu uloh (skratkou Ctrl+Shift+Esc) a na karte Procesy skontroluj a napis, aky program vytazuje najviac disk.

Poprosim o obidva nove logy z FRST.