Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018 Ran by Agata (28-09-2018 10:38:57) Running from C:\Users\Agata\Desktop Windows 10 Home Version 1803 17134.285 (X64) (2018-05-30 21:02:58) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-28988410-767054531-3856019114-500 - Administrator - Disabled) Agata (S-1-5-21-28988410-767054531-3856019114-1001 - Administrator - Enabled) => C:\Users\Agata DefaultAccount (S-1-5-21-28988410-767054531-3856019114-503 - Limited - Disabled) Guest (S-1-5-21-28988410-767054531-3856019114-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-28988410-767054531-3856019114-1003 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-28988410-767054531-3856019114-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243} AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.21beta (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated) Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\{4592BAE7-B99A-47A5-9B6B-3BC236B9D3E9}) (Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.82 - AVAST Software) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.6.3066 - AVG Technologies) AVG Driver Updater (HKLM-x32\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.3.0 - AVG Netherlands B.V) AVG PC TuneUp (HKLM-x32\...\{F0A7F6FC-97BC-4D27-B33B-6E1EFE1BB42D}) (Version: 16.78.2 - AVG Technologies) Hidden AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.78.3.33194 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies) Business Everywhere (HKLM-x32\...\{23D624DA-73E3-4633-A34F-01413EFB2E3D}) (Version: 4.1.102 - OrangeBusinessServices) ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden Free Zip Opener (HKLM-x32\...\Free Zip Opener) (Version: 1.0 - BlueCPA) Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - „Google Inc.“) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden HP DeskJet 2130 series Basic Device Software (HKLM\...\{54A80AED-ADB5-4D32-83F2-A9A5DF4ED2C1}) (Version: 35.0.61.54677 - Hewlett-Packard Co.) HP DeskJet 2130 series Help (HKLM-x32\...\{1CDFD3C9-BDF8-4DDC-BDA2-EBC53F938B5F}) (Version: 35.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.5.1080 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) ITRADER MetaTrader 4 Terminal (HKLM-x32\...\ITRADER MetaTrader 4 Terminal) (Version: 4.00 - MetaQuotes Software Corp.) Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-28988410-767054531-3856019114-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MySearch App (HKLM-x32\...\{41444150-2D43-3300-76A7-A758B70C2D01}) (Version: 12.45.1.4248 - APN, LLC) Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Opera Stable 55.0.2994.61 (HKLM-x32\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software) osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Plus-HD-9.6 (HKLM-x32\...\Plus-HD-9.6) (Version: 1.34.5.12 - Plus HD) <==== ATTENTION Product Improvement Study for HP DeskJet 2130 series (HKLM\...\{EA4DB54A-FAE0-4FDA-A66D-AEB8F5FFBE83}) (Version: 35.0.61.54677 - Hewlett-Packard Co.) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6878 - Realtek Semiconductor Corp.) SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.) sweet-page uninstaller (HKLM-x32\...\sweet-page uninstaller) (Version: - sweet-page) <==== ATTENTION Update for Skype for Business 2015 (KB4092457) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B6756C17-29E3-478B-B585-661E9EA286D6}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4092457) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B6756C17-29E3-478B-B585-661E9EA286D6}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4092457) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{B6756C17-29E3-478B-B585-661E9EA286D6}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation) Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-28988410-767054531-3856019114-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-23] (AVAST Software) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-23] (AVAST Software) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll -> No File ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-23] (AVAST Software) ContextMenuHandlers1-x32: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-09-13] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1-x32: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-23] (AVAST Software) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-23] (AVAST Software) ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll -> No File ContextMenuHandlers4-x32: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers4-x32: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-23] (AVAST Software) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-09-13] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07858856-345D-4404-94A2-342B257D7323} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {0D3E4617-4031-47CD-925A-C7FCB04ED60E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {0D3E602D-90EF-4FFD-95A8-E4B3172CA8DF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {0FBC1D74-FBED-4BC9-A02D-D8ABE1511DB4} - System32\Tasks\dress4u_notification_service => C:\Program Files (x86)\dress4u\dress4u_notification_service.exe <==== ATTENTION Task: {11A77B2F-F6ED-45E1-960B-20211C810AEE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {1590B985-AB60-4F6A-914A-C0626DDE544C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-14] (Adobe Systems Incorporated) Task: {1A906C33-8F68-4C35-8E61-BFAAF500F4F0} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-25] (ASUS) Task: {1E0B533C-CC13-431F-995A-6F7C6FE188D8} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe Task: {21F6CE6C-3E64-4CDF-87C1-06E25570FC08} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS) Task: {298B5A49-C294-43FB-AA56-BBF7D5DCD4AD} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-09] (AVAST Software) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {42BD02B7-9BB0-4BB8-99D1-C69092932E8C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {4A8EDC22-A251-44E8-851D-5F24C102E9FD} - System32\Tasks\HPCustParticipation HP DeskJet 2130 series => C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe [2015-04-09] (Hewlett-Packard Development Company, LP) Task: {4C73E965-E608-4928-94F4-4CDDA8D3DCA3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {4E30832F-B8D2-42BA-BF23-571ACF4E35DF} - System32\Tasks\AVG Driver Updater Startup => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2017-01-30] (AVG Netherlands B.V) Task: {56752B07-FE74-46A8-8CB0-89D7EAA3DC07} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {58FEDB64-9984-43ED-B77C-D481BCB1D1C6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-09-13] (AVG Technologies CZ, s.r.o.) Task: {59746F91-AFCB-4341-ADE3-809BA8539E4D} - System32\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-5 => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-5.exe <==== ATTENTION Task: {598B6D02-71C2-490A-A7BC-F6376525EB31} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS) Task: {5E42C792-072F-4248-ABC7-39621C35744E} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.) Task: {5E9C1209-F1F7-4BEA-A104-69104B252892} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-28988410-767054531-3856019114-1001 -> No File <==== ATTENTION Task: {6063B86A-8447-4C67-862A-8253A811047F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {60C08B58-6D3C-444F-9427-3FEAB92A13BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {63C1D158-4553-4379-8721-C46917D02185} - System32\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-4 => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-4.exe <==== ATTENTION Task: {659F820E-842F-40A4-AEA6-203D2B427F44} - System32\Tasks\dress4u_updating_service => C:\Program Files (x86)\dress4u\dress4u_updating_service.exe <==== ATTENTION Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {679D0B9E-4048-49AC-B32E-F58ADC615FDF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {70673882-9CB6-4479-87E4-A82FC8691B71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {801E1FD2-B9A6-454E-A798-37F05038989B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {82ECE8DC-E040-4F89-BF1F-93A150795696} - System32\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-2 => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-2.exe <==== ATTENTION Task: {878F2AA0-5B53-4EE1-8291-ED689CCFAD4A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {8902F2F7-468E-4804-B5C8-82BF093968B9} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {896E9E30-C2FC-46DB-BA4F-FF1111330DE1} - System32\Tasks\AVG Driver Updater Scan => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2017-01-30] (AVG Netherlands B.V) Task: {8ED0B266-679D-486D-B118-F1F1078D56B2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-14] (Adobe Systems Incorporated) Task: {8FFBC5A2-D176-44CF-8971-C081E74F5250} - System32\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-1 => C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-codedownloader.exe <==== ATTENTION Task: {908159DF-3587-4BF3-9F23-144538EFB5FD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated) Task: {94BFB3E4-4FF2-40A8-A70D-1E40CAAE0F71} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-15] (AVG Technologies CZ, s.r.o.) Task: {97A61F06-A266-42F9-9873-6B08C264F663} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-07-26] (AVG Technologies CZ, s.r.o.) Task: {98B43A2A-046D-421A-80AC-2E3B59AD02B2} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {A07642D4-061B-42FB-8F56-8445226D3764} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-15] (AVAST Software) Task: {A59238E4-7792-48AA-8E18-0DA784FBA046} - System32\Tasks\NEToMyx0kg1YfuIGF7Hgxflu => C:\Users\Agata\AppData\Roaming\NEToMyx0kg1YfuIGF7Hgxflu.exe <==== ATTENTION Task: {A7075B9E-4B9D-4373-82E6-03CD7C501B44} - System32\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-7 => C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-nova.exe <==== ATTENTION Task: {AC511A6B-67CD-43D1-943E-0C1569C724B4} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: {B2C3F329-08E6-4CFE-9969-AB2FE8E1DC68} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {B41468D2-E83B-4FB5-B70C-6F3304FBE245} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {B515C5A8-45CE-49DF-8F3D-01802EBACBB7} - System32\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-6 => C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-novainstaller.exe <==== ATTENTION Task: {B5B35F83-2B11-4A8F-BDD9-974EC1DE0FC0} - System32\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-3 => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-3.exe <==== ATTENTION Task: {B6220E6F-EBC9-4937-88CD-E537648E9B96} - System32\Tasks\Opera scheduled Autoupdate 1389620075 => C:\Program Files (x86)\Opera\launcher.exe [2018-09-13] (Opera Software) Task: {BFAB295D-6A83-40DC-9EE4-9E58C4C089A2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-23] (AVAST Software) Task: {C20AA499-408C-45CC-AF86-92EDC324FA37} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: {C5576A15-AE7B-497F-9406-0F802AB77B1A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {C76AC3B6-D168-46BB-B777-2256F713D78F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {D405B6F3-3F64-40C1-AB77-717A24D00E01} - System32\Tasks\S-1-5-21-28988410-767054531-3856019114-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {DD2C90EE-8630-411B-85AE-0DEA06D6A449} - \WPD\SqmUpload_S-1-5-21-28988410-767054531-3856019114-1001 -> No File <==== ATTENTION Task: {E7F8A9EE-72C5-4503-9EE0-59E0C12C327D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {E95DD998-F819-40A8-9A71-16484D7B04FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {F12DCD8F-DD9F-4581-A953-20F0872B0745} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated) Task: {FB1EFD6C-F5D2-4A99-8F88-131CE2FA6308} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-09] (AVAST Software) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-1.job => C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-codedownloader.exeȌ/qtQCMHHnL /AYEkKzPj=task /rBiSOI='Plus-HD-9.6' /pddaYPFqh=57304 /LfXFUGAy='001545' /kRzHMjn='0' /ioCCER='0' /XvAxy=9B892BE7D9574BF4B15848A47352A605IE /lIBKJ=5da6c2a94985d42e65aa3b6ea5e55ff4 /JbVsNCWPS=1_34_05_12 /ZgmOjP=1.34.5.12 /JcxcD=1401263589 /YhkGGoX=hxxp:/stats.clientstatsservice.com /UepBMJ=hxxp:/errors.clientstatsservice.com /DaGtquWvG=hxxp:/js.clientstatsservice.com /vicAjQpS=ch /piZHq /IRUTDJVXH='hxxp:/update.clientstatsservice.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-2.job => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-2.exeǸ/OWKJEcECT /rBiSOI='Plus-HD-9.6' /pddaYPFqh=57304 /LfXFUGAy='001545' /kRzHMjn='0' /ioCCER='0' /XvAxy=9B892BE7D9574BF4B15848A47352A605IE /lIBKJ=5da6c2a94985d42e65aa3b6ea5e55ff4 /JbVsNCWPS=1_34_05_12 /JcxcD=1401263589 /YhkGGoX=hxxp:/stats.clientstatsservice.com /UepBMJ=hxxp:/errors.clientstatsservice.com /BgxUNPa=11111111-1111-1111-1111-110511731104 /vicAjQpS=ch /vHGCPWv /piZHq /IRUTDJVXH='hxxp:/update.clientstatsservice.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-3.job => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-3.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-4.job => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-4.exeΘ/pfSbbl /rBiSOI='Plus-HD-9.6' /ZdNge C:\Program Files (x86)\Plus-HD-9.6\57304.xpi' /pddaYPFqh=57304 /LfXFUGAy='001545' /kRzHMjn='0' /ioCCER='0' /XvAxy=9B892BE7D9574BF4B15848A47352A605IE /lIBKJ=5da6c2a94985d42e65aa3b6ea5e55ff4 /JbVsNCWPS=1_34_05_12 /ZgmOjP=1.34.5.12 /JcxcD=1401263589 /YhkGGoX=hxxp:/stats.clientstatsservice.com /UepBMJ=hxxp:/errors.clientstatsservice.com /SWtisu=300 /fwNGmbie=048da175-3ee8-49e5-9d6f-2feb4d4793d5@3f15bd8f-93f6-4d68-a7c5-ae4f792d6bd4.com /PGWRYkB=0.94 /RAZvl=a048da1753ee849e59d6f2feb4d4793d53f15bd8f93f64d68a7c5ae4f792d6bd4com57304 /eAJhvfA=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/57304.rdf /SNINTW='Plus-HD-9.6' /TGPVsUds='Turn YouTube videos to High Definition by default' /uAAjF='Plus HD' /vicAjQpS=ch /TTYxpaKrS='{asw:[1, 321]}' /piZHq /tzskRnY /SeFCZ /IRUTDJVXH='hxxp:/update.clientstatsservice.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-5.job => C:\Program Files (x86)\Plus-HD-9.6\a3bb1f37-ca48-4005-9c57-de3ec606553c-5.exeȪ/XiuiodlB /rBiSOI='Plus-HD-9.6' /pddaYPFqh=57304 /LfXFUGAy='001545' /kRzHMjn='0' /ioCCER='0' /XvAxy=9B892BE7D9574BF4B15848A47352A605IE /lIBKJ=5da6c2a94985d42e65aa3b6ea5e55ff4 /JbVsNCWPS=1_34_05_12 /JcxcD=1401263589 /YhkGGoX=hxxp:/stats.clientstatsservice.com /UepBMJ=hxxp:/errors.clientstatsservice.com /dRXRSK=hxxp:/ipgeoapi.com/ /BRCeilF=hxxp:/update.clientstatsservice.com /Cvees=2 /kOnAewh=hxxp:/logs.clientstatsservice.com /IRUTDJVXH='hxxp:/update.clientstatsservice.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-6.job => C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-novainstaller.exeȐ/QruoVTDsw /AYEkKzPj=task /rBiSOI='Plus-HD-9.6' /pddaYPFqh=57304 /LfXFUGAy='001545' /kRzHMjn='0' /ioCCER='0' /XvAxy=9B892BE7D9574BF4B15848A47352A605IE /lIBKJ=5da6c2a94985d42e65aa3b6ea5e55ff4 /JbVsNCWPS=1_34_05_12 /ZgmOjP=1.34.5.12 /JcxcD=1401263589 /YhkGGoX=hxxp:/stats.clientstatsservice.com /UepBMJ=hxxp:/errors.clientstatsservice.com /DaGtquWvG=hxxp:/js.clientstatsservice.com /vicAjQpS=ch /MqEHYK /JZkAydD='nova' /IRUTDJVXH='hxxp:/update.clientstatsservice.com/novacode/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\a3bb1f37-ca48-4005-9c57-de3ec606553c-7.job => C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-nova.exeǵ/rBiSOI='Plus-HD-9.6' /pddaYPFqh=57304 /LfXFUGAy='001545' /kRzHMjn='0' /ioCCER='0' /XvAxy=9B892BE7D9574BF4B15848A47352A605IE /lIBKJ=5da6c2a94985d42e65aa3b6ea5e55ff4 /JbVsNCWPS=1_34_05_12 /ZgmOjP=1.34.5.12 /JcxcD=1401263589 /YhkGGoX=hxxp:/stats.clientstatsservice.com /UepBMJ=hxxp:/errors.clientstatsservice.com /DaGtquWvG=hxxp:/js.clientstatsservice.com /vicAjQpS=ch /MqEHYK /JZkAydD='nova' /IRUTDJVXH='hxxp:/update.clientstatsservice.com/novarun/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe Task: C:\WINDOWS\Tasks\dress4u_notification_service.job => C:\Program Files (x86)\dress4u\dress4u_notification_service.exeǢ/url='hxxp:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='dress4u' /appid='73143' /srcid='2913' /bic='fb28046c9841c59a24be7648fa22cbcd' /verifier='b550cbd4c6b84ee2e9d03435b6a9369d' /installerversion='1.50.3.10' /statsdomain='hxxp:/stats.buildomserv.com/data.gif?' /errorsdomain='hxxp:/stats.buildomserv.com/data.gif?' /monetizationdomain='hxxp:/logs.buildomserv.com/monetization.gif <==== ATTENTION Task: C:\WINDOWS\Tasks\dress4u_updating_service.job => C:\Program Files (x86)\dress4u\dress4u_updating_service.exe/campid=2913 /verid=1 /url=hxxp:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=dress4u_updating_service /funurl=hxxp:/stats.buildomserv.com <==== ATTENTION Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\NEToMyx0kg1YfuIGF7Hgxflu.job => C:\Users\Agata\AppData\Roaming\NEToMyx0kg1YfuIGF7Hgxflu.exe <==== ATTENTION ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Agata\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.sweet-page.com/?type=sc&ts=1401263650&from=sof&uid=WDCXWD5000LPVX-80V0TT0_WD-WX41A23U7509U7509 ShortcutWithArgument: C:\Users\Agata\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.sweet-page.com/?type=sc&ts=1401263650&from=sof&uid=WDCXWD5000LPVX-80V0TT0_WD-WX41A23U7509U7509 ShortcutWithArgument: C:\Users\Agata\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.sweet-page.com/?type=sc&ts=1401263650&from=sof&uid=WDCXWD5000LPVX-80V0TT0_WD-WX41A23U7509U7509 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.sweet-page.com/?type=sc&ts=1401263650&from=sof&uid=WDCXWD5000LPVX-80V0TT0_WD-WX41A23U7509U7509 ==================== Loaded Modules (Whitelisted) ============== 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2016-09-14 13:52 - 2018-09-08 11:07 - 000811520 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2012-06-06 17:17 - 2012-06-06 17:17 - 000173008 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\BEWConfigSrv.exe 2013-04-24 05:16 - 2012-07-30 13:26 - 000029056 _____ () C:\WINDOWS\system32\DptfParticipantProcessorService.exe 2013-04-24 05:16 - 2012-07-30 13:27 - 000030592 _____ () C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe 2015-09-25 22:07 - 2015-09-25 22:07 - 000065640 _____ () C:\WINDOWS\system32\ASGCoInstaller_x64.DLL 2012-08-25 02:26 - 2012-08-25 02:26 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2017-02-23 09:29 - 2017-02-23 09:29 - 008909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-08-07 21:48 - 2018-08-07 21:53 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-08-07 21:48 - 2018-08-07 21:53 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-08-07 21:48 - 2018-08-07 21:53 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-08-07 21:48 - 2018-08-07 21:53 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll 2018-08-07 21:48 - 2018-08-07 21:53 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-09-11 23:54 - 2018-09-12 00:05 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-09-11 23:54 - 2018-09-12 00:05 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-09-11 23:54 - 2018-09-12 00:05 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-27 09:50 - 2017-09-27 09:50 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-09-11 23:54 - 2018-09-12 00:05 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-09-17 12:05 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2012-06-06 17:17 - 2012-06-06 17:17 - 003363808 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\BusinessEverywhere.exe 2012-06-06 17:17 - 2012-06-06 17:17 - 001359824 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\SMSNotifier.exe 2017-02-22 20:11 - 2018-09-08 11:07 - 002195968 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2018-09-22 17:38 - 2018-09-22 18:12 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-09-22 17:38 - 2018-09-22 18:12 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-10-16 18:07 - 2017-10-16 18:09 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-09-22 17:38 - 2018-09-22 18:12 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-05-14 17:59 - 2018-05-14 18:51 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-08-31 11:55 - 2018-08-31 12:14 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-08-17 20:51 - 2018-08-17 21:08 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-08-17 20:51 - 2018-08-17 21:08 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-05-14 17:59 - 2018-05-14 18:51 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-08-31 11:55 - 2018-08-31 12:14 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-09-22 17:38 - 2018-09-22 18:12 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-08-31 11:55 - 2018-08-31 12:02 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-09-22 17:38 - 2018-09-22 18:12 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-08-31 11:55 - 2018-08-31 12:14 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-08-07 21:46 - 2018-08-07 21:54 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-09-22 17:38 - 2018-09-22 18:17 - 001401632 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10730.20115.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll 2018-08-07 22:07 - 2018-08-07 22:10 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2018-09-26 23:26 - 2018-09-26 23:28 - 004790784 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1808.2461.0_x64__8wekyb3d8bbwe\Time.exe 2018-08-21 22:19 - 2018-08-21 22:23 - 004445248 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1808.2461.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-09-26 23:26 - 2018-09-26 23:28 - 000953344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1808.2461.0_x64__8wekyb3d8bbwe\TimeControls.dll 2018-09-26 23:26 - 2018-09-26 23:28 - 000875520 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1808.2461.0_x64__8wekyb3d8bbwe\TimeBackground.dll 2016-11-28 22:11 - 2016-11-28 22:11 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2018-09-17 15:00 - 2018-09-17 15:00 - 087476312 _____ () C:\Program Files (x86)\Opera\55.0.2994.61\opera_browser.dll 2017-02-23 09:29 - 2017-02-23 09:29 - 008909512 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2018-09-17 15:00 - 2018-09-17 14:59 - 004066904 _____ () C:\Program Files (x86)\Opera\55.0.2994.61\libglesv2.dll 2018-09-17 15:00 - 2018-09-17 14:59 - 000096856 _____ () C:\Program Files (x86)\Opera\55.0.2994.61\libegl.dll 2018-03-19 23:08 - 2018-03-19 23:08 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2018-09-13 14:49 - 2018-09-13 14:49 - 000574192 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll 2018-08-09 22:43 - 2018-08-09 22:43 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-08-23 17:45 - 2018-08-23 17:45 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000699392 _____ () C:\Program Files (x86)\ChomikBox\libgstreamer-0.10.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 001396736 _____ () C:\Program Files (x86)\ChomikBox\libxml2-2.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000085504 _____ () C:\Program Files (x86)\ChomikBox\z.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000053760 _____ () C:\Program Files (x86)\ChomikBox\libgstinterfaces-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000013824 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstacmmp3dec.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000041984 _____ () C:\Program Files (x86)\ChomikBox\libgstriff-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000133120 _____ () C:\Program Files (x86)\ChomikBox\libgsttag-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000109568 _____ () C:\Program Files (x86)\ChomikBox\libgstaudio-0.10.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000253440 _____ () C:\Program Files (x86)\ChomikBox\libgstbase-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000038400 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaiff.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000018944 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstalaw.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000015360 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstapetag.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000098304 _____ () C:\Program Files (x86)\ChomikBox\libgstpbutils-0.10.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000038912 _____ () C:\Program Files (x86)\ChomikBox\libgstvideo-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000008192 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstapp.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000039936 _____ () C:\Program Files (x86)\ChomikBox\libgstapp-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000095232 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstasf.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000070656 _____ () C:\Program Files (x86)\ChomikBox\libgstrtp-0.10.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000025088 _____ () C:\Program Files (x86)\ChomikBox\libgstsdp-0.10.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000070144 _____ () C:\Program Files (x86)\ChomikBox\libgstrtsp-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000064000 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstasfmux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000078336 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaudioconvert.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000563712 _____ () C:\Program Files (x86)\ChomikBox\liborc-0.4-0.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000020480 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaudiorate.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000052224 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaudioresample.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000018944 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstauparse.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000029184 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstautodetect.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000022528 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstcdxaparse.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000212992 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstcoreelements.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000011776 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstcoreindexers.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000032768 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstdecodebin.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000086016 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstdecodebin2.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000228864 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstdirectsound.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000026624 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstequalizer.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000126976 _____ () C:\Program Files (x86)\ChomikBox\libgstcontroller-0.10.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000180736 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstffmpeg-lgpl.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000111104 _____ () C:\Program Files (x86)\ChomikBox\avutil-lgpl-50.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000881664 _____ () C:\Program Files (x86)\ChomikBox\avformat-lgpl-52.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 005038592 _____ () C:\Program Files (x86)\ChomikBox\avcodec-lgpl-52.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000018944 _____ () C:\Program Files (x86)\ChomikBox\avcore-lgpl-0.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000067584 _____ () C:\Program Files (x86)\ChomikBox\libbz2.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000069120 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstflac.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000331264 _____ () C:\Program Files (x86)\ChomikBox\libFLAC-8.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000023552 _____ () C:\Program Files (x86)\ChomikBox\libogg-0.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000015872 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgsticydemux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000032256 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstid3demux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000035840 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstinterleave.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000019456 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstlevel.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000047616 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegaudioparse.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000151040 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegdemux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000030208 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegpsmux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000059904 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegstream.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000039424 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegtsmux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000023552 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstneonhttpsrc.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000125952 _____ () C:\Program Files (x86)\ChomikBox\libneon-27.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000167424 _____ () C:\Program Files (x86)\ChomikBox\libexpat-1.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000718336 _____ () C:\Program Files (x86)\ChomikBox\libgnutls-26.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000077312 _____ () C:\Program Files (x86)\ChomikBox\libtasn1-3.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000604160 _____ () C:\Program Files (x86)\ChomikBox\libgcrypt-11.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000035328 _____ () C:\Program Files (x86)\ChomikBox\libgpg-error-0.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000014336 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstnetsim.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000132608 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstogg.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000197632 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstplaybin.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000149504 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstqtdemux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000114688 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstqtmux.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000035840 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstrawparse.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000030208 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstreal.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000035328 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstreplaygain.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000017920 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstspeed.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000012288 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgststereo.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000022016 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgsttta.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000061952 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgsttypefindfunctions.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000034304 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstvolume.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000053760 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstvorbis.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000162304 _____ () C:\Program Files (x86)\ChomikBox\libvorbis-0.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 001520128 _____ () C:\Program Files (x86)\ChomikBox\libvorbisenc-2.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000019968 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwasapi.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000015360 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwaveenc.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000015872 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwaveformsink.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000050688 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwavpack.dll 2011-12-02 14:14 - 2011-12-02 14:14 - 000196608 _____ () C:\Program Files (x86)\ChomikBox\libwavpack-1.dll 2011-12-02 14:15 - 2011-12-02 14:15 - 000042496 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwavparse.dll 2012-02-22 16:25 - 2015-10-28 14:50 - 000025088 _____ () C:\Program Files (x86)\ChomikBox\tsplugins\integration\chomikbox_win7.tsp 2012-06-06 17:13 - 2012-06-06 17:13 - 000093184 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\GIS.dll 2012-06-06 17:13 - 2012-06-06 17:13 - 000182784 _____ () C:\Program Files (x86)\OrangeBusinessServices\Business Everywhere\{ad30a369-08e3-414c-9d2c-7f47dbe748da}\ProxyDetection.dll 2018-07-28 23:52 - 2018-08-28 19:44 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll 2013-05-24 10:44 - 2012-06-25 19:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2018-09-28 09:56 - 000000845 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-28988410-767054531-3856019114-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.43.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7B0C6E1B-C8B8-4089-A7AD-B968576D140F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{3C2556E4-457D-435A-B844-0447BA191D5B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{679019D5-9982-4267-B8CD-7143AAD5BCAE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{AA7A4EF5-60D1-46C9-A5B2-96557620B71C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{E1041C16-1403-496E-BCDD-A3B41E881FF3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{C9FB4746-4CE0-4EB8-8F24-B753F4786127}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{5B94F721-96DF-46FD-9CA6-74608B68116F}] => (Allow) C:\Users\Agata\AppData\Local\Temp\7zS140A\HPDiagnosticCoreUI.exe FirewallRules: [{4F953B70-B572-4748-9D3B-5B6BA79E7E4D}] => (Allow) C:\Users\Agata\AppData\Local\Temp\7zS140A\HPDiagnosticCoreUI.exe FirewallRules: [{E4C0220C-5B77-451F-BA58-B0E43522BF9F}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{B251AE86-55C5-4385-839F-A004FBEC1A7B}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe FirewallRules: [{8A7CA7E0-2E3A-46C0-BF4A-22CC9AA81355}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe FirewallRules: [{C2F0FC63-7E92-4A44-8A38-A21DC0A4054F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe FirewallRules: [{75238A94-4A0C-4EB5-B76B-8E764E9D1775}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe FirewallRules: [{F9095EFA-F314-42BE-93D5-7919E219119B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe FirewallRules: [{B187A43C-D427-46B1-B563-52DA288A78D2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe FirewallRules: [{5F5329A1-1ADD-4049-8BF0-6717D6B72860}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe FirewallRules: [UDP Query User{4F522A1C-24F9-4C4A-8CF1-CC71C416B416}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C0CB3F03-F07B-48CA-BA7D-3ABDD0D1C3D5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D18A5788-D1AE-492D-94C9-AAA704A98D22}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{B52FDEAE-452F-48E7-B22D-95C1791F2615}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{29F187E3-06FC-42DB-BCD5-0250660E1364}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{B8CE08E2-DDEA-44FE-B163-4CC21256DF0F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{3F97F54C-9353-448E-B10D-3977FDE863C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{036C032C-1A67-4540-9637-80D45B8D7DEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8995E591-39F2-4BC3-A644-6A6713E2BEA8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{4138E4E6-3676-4E74-8A7C-D5CF5F0FE403}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{FBA33FC7-DEF3-427A-A8D6-A8DA6C12312C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{A8F6257E-29D4-4768-ADFC-01507E837D0C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9F25673E-3DA9-4AF5-B8D3-22A598095E76}] => (Allow) LPort=2869 FirewallRules: [{C58A8B59-48FA-4DA0-9FE6-91C9C912AD75}] => (Allow) LPort=1900 FirewallRules: [{68B2FE63-DC89-4FD6-B5E4-AA243C9E8DE0}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{D86B4DBA-19A0-4D0F-A203-F397524C22A3}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{BEEA8B1F-1615-45CC-94A8-271C15469C4C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{894D35C3-86E2-494B-A0AA-54DB5A7646E0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [TCP Query User{2BC55A79-E4FD-4FE9-9A52-3502F39C96AD}C:\users\agata\downloads\anydesk.exe] => (Block) C:\users\agata\downloads\anydesk.exe FirewallRules: [UDP Query User{E3BEA397-7C93-4BB2-A9E8-7F80F0A172A2}C:\users\agata\downloads\anydesk.exe] => (Block) C:\users\agata\downloads\anydesk.exe FirewallRules: [{644CBE98-1D94-443F-9F42-CC0AE24D3DB0}] => (Allow) C:\Users\Agata\AppData\Local\Temp\7zS52A9\HPDiagnosticCoreUI.exe FirewallRules: [{AAB21416-4A9D-4205-9598-FF1A274B2723}] => (Allow) C:\Users\Agata\AppData\Local\Temp\7zS52A9\HPDiagnosticCoreUI.exe FirewallRules: [{FD5A69D0-F067-43F9-BD2A-896F3C75C985}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe FirewallRules: [{C2F5A1FF-8299-44FE-824B-2DB1F9999757}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe FirewallRules: [{D4277D58-DCBA-4939-86A7-B2FE3CF0ACD6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{D16718A5-4C4F-4B80-93E3-38761027ACD1}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{BAE4BD2E-3278-4642-8980-46EECEF6D09E}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.44\opera.exe FirewallRules: [{FF6078D7-64F6-40AE-B389-767C2880717E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{28CDBBAE-7872-4804-9EBE-C4C693FC5538}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{B3F9E818-5643-4957-B08D-56918D9D60DC}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.61\opera.exe FirewallRules: [{4AA8C437-FFAC-47BE-A68F-BC7164089A81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{613FB534-CAB5-48E9-8E8A-E09C4624426E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe ==================== Restore Points ========================= 26-09-2018 21:57:13 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/28/2018 10:05:41 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. Error: (09/28/2018 09:59:13 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. Error: (09/27/2018 10:05:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. Error: (09/27/2018 09:05:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. Error: (09/27/2018 08:05:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. Error: (09/27/2018 07:05:40 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. Error: (09/27/2018 06:05:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. Error: (09/27/2018 05:30:43 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY) Description: Product: Avast Update Helper -- Error 1316. The specified account already exists. System errors: ============= Error: (09/28/2018 10:23:28 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (09/28/2018 10:00:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (09/28/2018 09:59:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (09/28/2018 09:57:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TuneUp.UtilitiesSvc service. Error: (09/28/2018 09:57:18 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (09/28/2018 09:56:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TuneUp.UtilitiesSvc service. Error: (09/28/2018 03:01:47 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TuneUp.UtilitiesSvc service. Error: (09/27/2018 09:30:55 PM) (Source: DCOM) (EventID: 10016) (User: AGATAA) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user Agataa\Agata SID (S-1-5-21-28988410-767054531-3856019114-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2018-09-16 19:35:54.467 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.209.617.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.12205.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-09-16 19:35:54.466 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.209.617.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.12205.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-09-16 19:35:54.466 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.209.617.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.12205.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-09-16 19:35:54.181 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.209.617.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.12205.0 Error code: 0x80240022 Error description: The program can't check for definition updates. Date: 2018-09-16 19:35:54.181 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.209.617.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.12205.0 Error code: 0x80240022 Error description: The program can't check for definition updates. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz Percentage of memory in use: 77% Total physical RAM: 3981.72 MB Available physical RAM: 891.35 MB Total Virtual: 8845.72 MB Available Virtual: 4819.39 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:444.11 GB) (Free:328.42 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{fddb56f4-1302-4d76-87cc-e965b2aff5c4}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.53 GB) NTFS \\?\Volume{b47d9f1b-9214-4359-a3b5-e601d16e8f34}\ () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS \\?\Volume{5c476232-29b5-4467-b6ca-51a0ed610d68}\ (Restore) (Fixed) (Total:20.01 GB) (Free:10.37 GB) NTFS \\?\Volume{03059cf0-2a7a-43bd-88b6-112418ad1baa}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 337AEAFE) Partition: GPT. ==================== End of Addition.txt ============================