Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu zasekaný notebook

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Prosím o kontrolu zasekaný notebook

#1 Příspěvek od Mortiz696 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Martina Kirchnerová at 2019-01-19 15:56:07
Microsoft Windows 10 Home
System drive C: has 899 GB (94%) free of 953 GB
Total RAM: 4016 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:56:16, on 19.01.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files\trend micro\Martina Kirchnerová.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer15.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.amazon.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 8030 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
"dwm.exe"
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

C:\WINDOWS\system32\svchost.exe -k imgsvc


c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE

c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\Acer\Acer Quick Access\QAAgent.exe"
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\OEM\Preload\FubTracking\FubTracking.exe
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
"C:\Program Files\rempl\sedsvc.exe"

c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ffd4f0264d0,0x7ffd4f0264e0,0x7ffd4f0264f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8576 --on-initialized-event-handle=652 --parent-handle=656 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=14142596826173177017 --mojo-platform-channel-handle=1508 --ignored=" --type=renderer " /prefetch:2
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --service-pipe-token=7876999678779853915 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=7876999678779853915 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3984 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --service-pipe-token=14786495245587978196 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=14786495245587978196 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --service-pipe-token=15442874996645467016 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=15442874996645467016 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --service-pipe-token=14617128071212524493 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=14617128071212524493 --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --service-pipe-token=17565604270695818650 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=17565604270695818650 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --service-pipe-token=5029579491913996441 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=5029579491913996441 --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1492,2581418237514251198,2666198252064865646,131072 --service-pipe-token=10856021076589293543 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=10856021076589293543 --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1428 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\WINDOWS\system32\AUDIODG.EXE 0x130
"C:\Users\Martina Kirchnerová\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-07 14040792]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-12-18 1543264]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-01-10 19645800]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2017-09-28 91488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-01-19 15:56:07 ----D---- C:\rsit
2019-01-19 15:56:07 ----D---- C:\Program Files\trend micro
2019-01-19 15:37:05 ----D---- C:\AdwCleaner
2019-01-19 15:11:46 ----D---- C:\Program Files\Common Files\AVAST Software
2019-01-19 15:09:30 ----D---- C:\Program Files\CCleaner
2019-01-18 19:38:39 ----SHD---- C:\Config.Msi
2019-01-10 19:46:42 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-09 18:20:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 18:20:31 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 18:20:30 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-01-09 18:20:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-01-09 18:20:21 ----A---- C:\WINDOWS\system32\wininet.dll
2019-01-09 18:20:20 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-01-09 18:20:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-01-09 18:20:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 18:20:16 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-01-09 18:20:16 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-01-09 18:20:14 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-01-09 18:20:14 ----A---- C:\WINDOWS\system32\combase.dll
2019-01-09 18:20:13 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-01-09 18:20:13 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 18:20:12 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-01-09 18:20:10 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-01-09 18:20:10 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-01-09 18:20:09 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-01-09 18:20:09 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-01-09 18:20:09 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-01-09 18:20:08 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 18:20:07 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-01-09 18:20:07 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-01-09 18:20:07 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-01-09 18:20:06 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 18:20:06 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-01-09 18:20:06 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-01-09 18:20:04 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-01-09 18:20:04 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-01-09 18:20:02 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 18:20:02 ----A---- C:\WINDOWS\system32\aadtb.dll
2019-01-09 18:20:01 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 18:20:00 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-01-09 18:20:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-01-09 18:19:59 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 18:19:57 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-01-09 18:19:57 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 18:19:57 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-01-09 18:19:57 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\system32\wlidprov.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\system32\WinTypes.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-01-09 18:19:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2019-01-09 18:19:55 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 18:19:55 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 18:19:55 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-01-09 18:19:53 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2019-01-09 18:19:53 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-01-09 18:19:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 18:19:51 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-01-09 18:19:50 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2019-01-09 18:19:50 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-01-09 18:19:48 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-01-09 18:19:48 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\wlidcli.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\browserexport.exe
2019-01-09 18:19:46 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2019-01-09 18:19:46 ----A---- C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 18:19:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\SYSWOW64\windowslivelogin.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\system32\iemigplugin.dll

======List of files/folders modified in the last 1 month======

2019-01-19 15:56:15 ----D---- C:\WINDOWS\Temp
2019-01-19 15:56:15 ----D---- C:\WINDOWS\Prefetch
2019-01-19 15:56:07 ----RD---- C:\Program Files
2019-01-19 15:54:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-01-19 15:44:18 ----D---- C:\Windows
2019-01-19 15:43:23 ----D---- C:\WINDOWS\system32\Tasks
2019-01-19 15:41:52 ----D---- C:\WINDOWS\System32
2019-01-19 15:41:52 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-19 15:41:43 ----D---- C:\WINDOWS\AppReadiness
2019-01-19 15:41:03 ----D---- C:\ProgramData\NVIDIA
2019-01-19 15:40:55 ----D---- C:\ProgramData\AVAST Software
2019-01-19 15:40:48 ----HD---- C:\ProgramData
2019-01-19 15:40:48 ----D---- C:\WINDOWS\system32\drivers
2019-01-19 15:40:48 ----D---- C:\Program Files\Common Files\McAfee
2019-01-19 15:40:48 ----AD---- C:\Program Files\mcafee
2019-01-19 15:40:47 ----D---- C:\Program Files\Common Files
2019-01-19 15:40:03 ----D---- C:\WINDOWS\system32\sru
2019-01-19 15:39:07 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2019-01-19 15:24:29 ----RD---- C:\Program Files (x86)
2019-01-19 15:24:27 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2019-01-19 15:23:54 ----HD---- C:\Program Files\WindowsApps
2019-01-19 15:15:26 ----DC---- C:\WINDOWS\Panther
2019-01-19 15:15:24 ----D---- C:\WINDOWS\INF
2019-01-19 15:15:23 ----D---- C:\WINDOWS\LiveKernelReports
2019-01-19 15:15:23 ----D---- C:\WINDOWS\debug
2019-01-19 15:14:53 ----D---- C:\WINDOWS\system32\config
2019-01-19 15:12:27 ----D---- C:\WINDOWS\WinSxS
2019-01-19 15:11:49 ----HD---- C:\WINDOWS\ELAMBKUP
2019-01-19 15:06:00 ----SHD---- C:\WINDOWS\Installer
2019-01-19 15:05:32 ----D---- C:\Program Files (x86)\Acer
2019-01-19 14:59:58 ----SD---- C:\ProgramData\Microsoft
2019-01-19 14:59:52 ----SD---- C:\Users\Martina Kirchnerová\AppData\Roaming\Microsoft
2019-01-19 14:58:37 ----D---- C:\Program Files\Intel
2019-01-19 14:58:33 ----D---- C:\WINDOWS\system32\DriverStore
2019-01-19 14:57:24 ----D---- C:\ProgramData\McAfee
2019-01-19 14:54:51 ----RD---- C:\WINDOWS\assembly
2019-01-19 14:52:01 ----D---- C:\Program Files (x86)\WildTangent Games
2019-01-19 14:51:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2019-01-19 14:51:21 ----D---- C:\ProgramData\CyberLink
2019-01-19 14:47:45 ----D---- C:\WINDOWS\SysWOW64
2019-01-19 14:47:38 ----D---- C:\WINDOWS\system32\catroot2
2019-01-19 14:44:50 ----SHD---- C:\System Volume Information
2019-01-19 14:36:14 ----D---- C:\WINDOWS\system32\SleepStudy
2019-01-19 14:31:39 ----RD---- C:\WINDOWS\Microsoft.NET
2019-01-18 19:39:40 ----AD---- C:\Program Files\rempl
2019-01-17 13:14:17 ----D---- C:\WINDOWS\system32\LogFiles
2019-01-16 19:24:21 ----D---- C:\WINDOWS\Logs
2019-01-12 15:37:44 ----D---- C:\WINDOWS\CbsTemp
2019-01-10 19:31:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-10 17:47:00 ----D---- C:\WINDOWS\TextInput
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\zu-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\yo-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\xh-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\wo-SN
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\tn-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ti-ET
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\rw-RW
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\nso-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ig-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-01-10 17:46:59 ----D---- C:\WINDOWS\bcastdvr
2019-01-09 18:53:27 ----D---- C:\WINDOWS\system32\MRT
2019-01-09 18:32:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-01-02 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-12-23 02:17:36 ----D---- C:\WINDOWS\system32\WDI
2018-12-23 02:12:43 ----D---- C:\Program Files (x86)\McAfee
2018-12-23 02:10:32 ----D---- C:\WINDOWS\system32\migration
2018-12-23 02:10:31 ----D---- C:\WINDOWS\system32\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2018-12-08 82432]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-09-30 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-09-25 7971792]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 LMDriver;@oem67.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2018-05-15 31000]
R3 MEIx64;@oem44.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-12 183584]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [2017-01-17 14190520]
R3 nvvad_WaveExtensible;@oem24.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 Qcamain10x64;@oem45.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2017-04-24 2412976]
R3 RadioShim;@oem67.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2018-05-15 25368]
R3 rt640x64;@oem61.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 RTSUER;@oem50.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-09-28 410880]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-12-08 92688]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem64.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-01-01 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IntcDAud;@oem59.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 Qcamain;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2015-07-10 2276352]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S3 ssudmdm;@oem38.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_4b225;Uživatelská služba platformy připojených zařízení_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-09-25 373712]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-06-24 223008]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-06-24 411936]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 OneSyncSvc_4b225;Hostitel synchronizace_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-01-11 325432]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-06-16 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_4b225;Uživatelská služba pro GameDVR a vysílání her_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_4b225;Služba pro podporu uživatelů Bluetooth_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_4b225;DevicePicker_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_4b225;Tok zařízení_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_4b225;Služba zasílání zpráv_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc_4b225;Data kontaktů_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_4b225;PrintWorkflow_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 0180091547905993mcinstcleanup;McAfee Application Installer Cleanup (0180091547905993); C:\Users\MARTIN~1\AppData\Local\Temp\018009~1.EXE [2018-09-30 1031928]
S4 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-09-30 355760]
S4 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2017-09-26 2278688]
S4 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-09-25 300624]
S4 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2015-05-14 2573568]
S4 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-09-01 350064]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-09-01 210288]
S4 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S4 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-29 153752]
S4 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-29 153752]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 QALSvc;Quick Access Local Service; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [2015-07-09 398176]
S4 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2015-07-09 450400]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu zasekaný notebook

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Prosím o kontrolu zasekaný notebook

#3 Příspěvek od Mortiz696 »

sken č 1
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-19-2019
# Duration: 00:00:21
# OS: Windows 10 Home
# Scanned: 32265
# Detected: 44


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Adware.pokki C:\Users\Public\App Explorer
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Adware.pokki C:\Users\Public\Pokki
PUP.Optional.Booking C:\Program Files\Booking.com

***** [ Files ] *****

Adware.pokki C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.AmazonAssistant C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
PUP.Optional.AmazonAssistant C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
PUP.Optional.AmazonAssistant C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk
PUP.Optional.AmazonAssistant C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk
PUP.Optional.Booking C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Users\Martina Kirchnerová\Favorites\Booking.com.url
PUP.Optional.Booking C:\Users\Public\Desktop\Booking.com.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Amazon1Button HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.Amazon1Button HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\Interface\{BFF94CF8-2D3B-4B2F-BB83-3600280AFEBA}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\Interface\{6B7479D5-C493-40F0-99B6-BFC901980034}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
sken č 2

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-19-2019
# Duration: 00:00:19
# OS: Windows 10 Home
# Scanned: 32265
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [6088 octets] - [19/01/2019 15:37:35]
AdwCleaner[C00].txt - [5476 octets] - [19/01/2019 15:39:11]
AdwCleaner[S01].txt - [1372 octets] - [19/01/2019 15:45:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

novy frst
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martina Kirchnerová at 2019-01-19 17:09:39
Microsoft Windows 10 Home
System drive C: has 899 GB (94%) free of 953 GB
Total RAM: 4016 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:09:42, on 19.01.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Users\Martina Kirchnerová\Downloads\adwcleaner_7.2.6.0.exe
C:\Program Files\trend micro\Martina Kirchnerová.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer15.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.amazon.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 8093 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
"dwm.exe"
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE

c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\Acer\Acer Quick Access\QAAgent.exe"
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
"C:\Program Files\rempl\sedsvc.exe"

c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe" -s
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.464_none_eaf315ac1d6e512f\TiWorker.exe -Embedding

"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x438
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ffd549964d0,0x7ffd549964e0,0x7ffd549964f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=17204 --on-initialized-event-handle=652 --parent-handle=656 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1808,14859933724596849448,15439548571280263112,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=6655519834292375325 --mojo-platform-channel-handle=1844 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Martina Kirchnerová\Downloads\adwcleaner_7.2.6.0.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1808,14859933724596849448,15439548571280263112,131072 --service-pipe-token=1897676298784355268 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=1897676298784355268 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1808,14859933724596849448,15439548571280263112,131072 --service-pipe-token=13965864398389107730 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=13965864398389107730 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1808,14859933724596849448,15439548571280263112,131072 --service-pipe-token=5346599089676182266 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=5346599089676182266 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\AdwCleaner\Logs\AdwCleaner[S00].txt
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
"C:\Users\Martina Kirchnerová\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -STOP

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-07 14040792]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-12-18 1543264]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-01-10 19645800]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2017-09-28 91488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-01-19 15:56:07 ----D---- C:\rsit
2019-01-19 15:56:07 ----D---- C:\Program Files\trend micro
2019-01-19 15:37:05 ----D---- C:\AdwCleaner
2019-01-19 15:11:46 ----D---- C:\Program Files\Common Files\AVAST Software
2019-01-19 15:09:30 ----D---- C:\Program Files\CCleaner
2019-01-18 19:38:39 ----SHD---- C:\Config.Msi
2019-01-10 19:46:42 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-09 18:20:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 18:20:31 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 18:20:30 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-01-09 18:20:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-01-09 18:20:21 ----A---- C:\WINDOWS\system32\wininet.dll
2019-01-09 18:20:20 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-01-09 18:20:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-01-09 18:20:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 18:20:16 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-01-09 18:20:16 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-01-09 18:20:14 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-01-09 18:20:14 ----A---- C:\WINDOWS\system32\combase.dll
2019-01-09 18:20:13 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-01-09 18:20:13 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 18:20:12 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-01-09 18:20:10 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-01-09 18:20:10 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-01-09 18:20:09 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-01-09 18:20:09 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-01-09 18:20:09 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-01-09 18:20:08 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 18:20:07 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-01-09 18:20:07 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-01-09 18:20:07 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-01-09 18:20:06 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 18:20:06 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-01-09 18:20:06 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-01-09 18:20:04 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-01-09 18:20:04 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-01-09 18:20:02 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 18:20:02 ----A---- C:\WINDOWS\system32\aadtb.dll
2019-01-09 18:20:01 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 18:20:00 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-01-09 18:20:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-01-09 18:19:59 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 18:19:57 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-01-09 18:19:57 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 18:19:57 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-01-09 18:19:57 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\system32\wlidprov.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\system32\WinTypes.dll
2019-01-09 18:19:56 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-01-09 18:19:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2019-01-09 18:19:55 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 18:19:55 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 18:19:55 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-01-09 18:19:53 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2019-01-09 18:19:53 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 18:19:52 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-01-09 18:19:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 18:19:51 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-01-09 18:19:50 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2019-01-09 18:19:50 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-01-09 18:19:49 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-01-09 18:19:48 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-01-09 18:19:48 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\wlidcli.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 18:19:47 ----A---- C:\WINDOWS\system32\browserexport.exe
2019-01-09 18:19:46 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2019-01-09 18:19:46 ----A---- C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 18:19:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\SYSWOW64\windowslivelogin.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 18:19:45 ----A---- C:\WINDOWS\system32\iemigplugin.dll

======List of files/folders modified in the last 1 month======

2019-01-19 17:09:42 ----D---- C:\WINDOWS\Temp
2019-01-19 17:07:20 ----D---- C:\WINDOWS\Prefetch
2019-01-19 17:06:21 ----D---- C:\WINDOWS\system32\sru
2019-01-19 17:05:42 ----D---- C:\WINDOWS\system32\SleepStudy
2019-01-19 16:17:17 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-01-19 16:14:20 ----D---- C:\WINDOWS\system32\config
2019-01-19 15:56:07 ----RD---- C:\Program Files
2019-01-19 15:44:18 ----D---- C:\Windows
2019-01-19 15:43:23 ----D---- C:\WINDOWS\system32\Tasks
2019-01-19 15:41:52 ----D---- C:\WINDOWS\System32
2019-01-19 15:41:52 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-19 15:41:47 ----D---- C:\WINDOWS\AppReadiness
2019-01-19 15:41:03 ----D---- C:\ProgramData\NVIDIA
2019-01-19 15:40:55 ----D---- C:\ProgramData\AVAST Software
2019-01-19 15:40:48 ----HD---- C:\ProgramData
2019-01-19 15:40:48 ----D---- C:\WINDOWS\system32\drivers
2019-01-19 15:40:48 ----D---- C:\Program Files\Common Files\McAfee
2019-01-19 15:40:48 ----AD---- C:\Program Files\mcafee
2019-01-19 15:40:47 ----D---- C:\Program Files\Common Files
2019-01-19 15:39:07 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2019-01-19 15:24:29 ----RD---- C:\Program Files (x86)
2019-01-19 15:24:27 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2019-01-19 15:23:54 ----HD---- C:\Program Files\WindowsApps
2019-01-19 15:15:26 ----DC---- C:\WINDOWS\Panther
2019-01-19 15:15:24 ----D---- C:\WINDOWS\INF
2019-01-19 15:15:23 ----D---- C:\WINDOWS\LiveKernelReports
2019-01-19 15:15:23 ----D---- C:\WINDOWS\debug
2019-01-19 15:12:27 ----D---- C:\WINDOWS\WinSxS
2019-01-19 15:11:49 ----HD---- C:\WINDOWS\ELAMBKUP
2019-01-19 15:06:00 ----SHD---- C:\WINDOWS\Installer
2019-01-19 15:05:32 ----D---- C:\Program Files (x86)\Acer
2019-01-19 14:59:58 ----SD---- C:\ProgramData\Microsoft
2019-01-19 14:59:52 ----SD---- C:\Users\Martina Kirchnerová\AppData\Roaming\Microsoft
2019-01-19 14:58:37 ----D---- C:\Program Files\Intel
2019-01-19 14:58:33 ----D---- C:\WINDOWS\system32\DriverStore
2019-01-19 14:57:24 ----D---- C:\ProgramData\McAfee
2019-01-19 14:54:51 ----RD---- C:\WINDOWS\assembly
2019-01-19 14:52:01 ----D---- C:\Program Files (x86)\WildTangent Games
2019-01-19 14:51:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2019-01-19 14:51:21 ----D---- C:\ProgramData\CyberLink
2019-01-19 14:47:45 ----D---- C:\WINDOWS\SysWOW64
2019-01-19 14:47:38 ----D---- C:\WINDOWS\system32\catroot2
2019-01-19 14:44:50 ----SHD---- C:\System Volume Information
2019-01-19 14:31:39 ----RD---- C:\WINDOWS\Microsoft.NET
2019-01-18 19:39:40 ----AD---- C:\Program Files\rempl
2019-01-17 13:14:17 ----D---- C:\WINDOWS\system32\LogFiles
2019-01-16 19:24:21 ----D---- C:\WINDOWS\Logs
2019-01-12 15:37:44 ----D---- C:\WINDOWS\CbsTemp
2019-01-10 19:31:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-10 17:47:00 ----D---- C:\WINDOWS\TextInput
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\zu-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\yo-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\xh-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\wo-SN
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\tn-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ti-ET
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\rw-RW
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\nso-ZA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ig-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-01-10 17:47:00 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-01-10 17:46:59 ----D---- C:\WINDOWS\bcastdvr
2019-01-09 18:53:27 ----D---- C:\WINDOWS\system32\MRT
2019-01-09 18:32:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-01-02 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-12-23 02:17:36 ----D---- C:\WINDOWS\system32\WDI
2018-12-23 02:12:43 ----D---- C:\Program Files (x86)\McAfee
2018-12-23 02:10:32 ----D---- C:\WINDOWS\system32\migration
2018-12-23 02:10:31 ----D---- C:\WINDOWS\system32\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2018-12-08 82432]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-09-30 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-09-25 7971792]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 LMDriver;@oem67.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2018-05-15 31000]
R3 MEIx64;@oem44.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-12 183584]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [2017-01-17 14190520]
R3 nvvad_WaveExtensible;@oem24.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 Qcamain10x64;@oem45.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2017-04-24 2412976]
R3 RadioShim;@oem67.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2018-05-15 25368]
R3 rt640x64;@oem61.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 RTSUER;@oem50.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-09-28 410880]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-12-08 92688]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem64.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-01-01 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IntcDAud;@oem59.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 Qcamain;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2015-07-10 2276352]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S3 ssudmdm;@oem38.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_4b225;Uživatelská služba platformy připojených zařízení_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-09-25 373712]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-06-24 223008]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-06-24 411936]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 OneSyncSvc_4b225;Hostitel synchronizace_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-01-11 325432]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-06-16 43648]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_4b225;Uživatelská služba pro GameDVR a vysílání her_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_4b225;Služba pro podporu uživatelů Bluetooth_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_4b225;DevicePicker_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_4b225;Tok zařízení_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_4b225;Služba zasílání zpráv_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc_4b225;Data kontaktů_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_4b225;PrintWorkflow_4b225; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 0180091547905993mcinstcleanup;McAfee Application Installer Cleanup (0180091547905993); C:\Users\MARTIN~1\AppData\Local\Temp\018009~1.EXE [2018-09-30 1031928]
S4 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-09-30 355760]
S4 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2017-09-26 2278688]
S4 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-09-25 300624]
S4 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2015-05-14 2573568]
S4 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-09-01 350064]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-09-01 210288]
S4 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S4 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-29 153752]
S4 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-29 153752]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S4 QALSvc;Quick Access Local Service; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [2015-07-09 398176]
S4 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2015-07-09 450400]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu zasekaný notebook

#4 Příspěvek od Conder »

:arrow: OK, poprosim o obidva logy z FRST podla tohto navodu - https://forum.viry.cz/viewtopic.php?f=13&t=154679 (to co si poslal je log z RSIT, co je uz zastaraly skener a na Windows 10 nepouzitelny).
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Prosím o kontrolu zasekaný notebook

#5 Příspěvek od Mortiz696 »

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] ()
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\RunOnce: [Uninstall 18.222.1104.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64"
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\RunOnce: [Uninstall 18.222.1104.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina Kirchnerová\AppData\Local\Microsoft\OneDrive\18.222.1104.0007"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 46.33.112.42 8.8.8.8
Tcpip\..\Interfaces\{290661be-72c4-4b1c-ab18-76a666e097f4}: [DhcpNameServer] 46.33.112.42 8.8.8.8
Tcpip\..\Interfaces\{357e7827-1cd2-4d02-b3c6-d33903fd0656}: [DhcpNameServer] 40.31.1.55

Internet Explorer:
==================
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3960966812-2404325950-3596051818-1001 -> DefaultScope {DE3EC480-4ED2-404C-B454-28527BE2CA56} URL =
SearchScopes: HKU\S-1-5-21-3960966812-2404325950-3596051818-1001 -> {DE3EC480-4ED2-404C-B454-28527BE2CA56} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File

FireFox:
========
FF DefaultProfile: byuzqvhs.default
FF ProfilePath: C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default [2019-01-19]
FF Extension: (Amazon 1Button App for Firefox) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\abb@amazon.com [2016-09-28] [Legacy] [not signed]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-cs@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (српски (sr) Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-sr@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-sv-SE@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (Thai Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-th@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (Türkçe (TR) Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-tr@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (Ukrainian (UA) Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-uk@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-zh-CN@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Martina Kirchnerová\AppData\Roaming\Mozilla\Firefox\Profiles\byuzqvhs.default\Extensions\langpack-zh-TW@firefox.mozilla.org [2016-09-28] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\saffplg.xpi [not found]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] ()

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ662G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default [2019-01-26]
CHR Extension: (Prezentace) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Dokumenty) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-29]
CHR Extension: (YouTube) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-29]
CHR Extension: (Tabulky) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-13]
CHR Extension: (Gmail) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-29]
CHR Extension: (Chrome Media Router) - C:\Users\Martina Kirchnerová\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 0180091547905993mcinstcleanup; C:\Users\Martina Kirchnerová\AppData\Local\Temp\0180091547905993mcinst.exe [1031928 2018-09-30] (McAfee, Inc.) <==== ATTENTION
S4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-09-01] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2017-09-25] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S4 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
S4 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-12] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [File not signed]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2016-09-28] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-12] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-12] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-12] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\WINDOWS\System32\drivers\1394ohci.sys 4B45A2D37CCE3CC0F161B7C7286081A6
C:\WINDOWS\System32\drivers\3ware.sys F5E5BA493B7C497F1F769942E2EA4CE2
C:\WINDOWS\System32\drivers\ACPI.sys CA51BB1B81F97E896E116C839B92D9D8
C:\WINDOWS\System32\drivers\AcpiDev.sys 75795E4B19BB3ED8D3C25A17CD15DC30
C:\WINDOWS\System32\Drivers\acpiex.sys DDA0FC1400A24988A7D3E746AEDF2C0F
C:\WINDOWS\System32\drivers\acpipagr.sys 1F2EC25DA23D1DF3ADA12FE5A26D321C
C:\WINDOWS\System32\drivers\acpipmi.sys 6AFFD57803BBB6FBCB483F983900A5C4
C:\WINDOWS\System32\drivers\acpitime.sys 0FC8673FAFC7D78C1CDC000F892CAC64
C:\WINDOWS\System32\drivers\ADP80XX.SYS A3D4CF2F3A433BE18CD4AD3E6665DC63
C:\WINDOWS\system32\drivers\afd.sys 4DCCC3E02A22ED4A4ADB11386F226071
C:\WINDOWS\system32\drivers\afunix.sys F267095A11A461BEF39FB180750BE801
C:\Windows\SysWOW64\drivers\afunix.sys 254921C0E1C35BBF22728BE95AD31950
C:\WINDOWS\System32\DRIVERS\ahcache.sys 0CD0F0C62414217DE9EA7EC8D425277E
C:\WINDOWS\System32\drivers\amdk8.sys 6DF48AD26E6285FB137F11328B64A376
C:\WINDOWS\System32\drivers\amdppm.sys D8804032BCDE4077A6D8D431D12AC6CC
C:\WINDOWS\System32\drivers\amdsata.sys A88F5E24B65228FB25F2051B3408A0E4
C:\WINDOWS\System32\drivers\amdsbs.sys AECD39E51DABC2BF045B2857F02FA2BD
C:\WINDOWS\System32\drivers\amdxata.sys B4CC9943230CAEB05B46CC30C220E141
C:\WINDOWS\System32\drivers\appid.sys C3ECF8840E4EAF09A4F2AE0174D6F36A
C:\WINDOWS\System32\drivers\applockerfltr.sys 769316CA5884FBBD02D45C28FE105922
C:\WINDOWS\System32\drivers\arcsas.sys 013E057DF3D13A4462AD912D7732E7E0
C:\WINDOWS\System32\drivers\asyncmac.sys B25ACCD9BE5F5798E9DD8FFB04D7BE4C
C:\WINDOWS\System32\drivers\atapi.sys 90AB4ED8EBD72A1C096A40CC35404B91
C:\WINDOWS\System32\drivers\bxvbda.sys F10E4C9444A9FC6DCBAB2C42F6999FA1
C:\WINDOWS\System32\drivers\bam.sys 982FAA5686F67BFEF3E6094705C2621F
C:\WINDOWS\System32\drivers\BasicDisplay.sys FA4973E379E872C61D0CF4E39F807833
C:\WINDOWS\System32\drivers\BasicRender.sys F024B80EA0076A318598DAB795F9C3D0
C:\WINDOWS\System32\drivers\bcmfn2.sys 739D089777D2B66DBE7201E5EA4BA2D7
C:\Windows\System32\Drivers\Beep.sys 9B068DF7B7B3DDF768D06DFD69B49FD0
C:\WINDOWS\system32\drivers\bindflt.sys E60934C14CBC38236800059EECAC29DA
C:\WINDOWS\System32\DRIVERS\bowser.sys 85B874696CC64AFE22DEAD2B87498621
C:\WINDOWS\system32\DRIVERS\btfilter.sys 7170961E98A4F47175972D7F096AA7C5
C:\WINDOWS\System32\drivers\bthhfenum.sys 5512D026F23AA7C99B49A8A18FE8556F
C:\WINDOWS\System32\drivers\bthmodem.sys A0EC1D5C937995A2C5F1179538A8A6B4
C:\WINDOWS\System32\drivers\BTHport.sys 11205A6A03B7F58BD45EF9896C01B50B
C:\WINDOWS\System32\drivers\BTHUSB.sys 0D5ECDF2601312025811F6AC413F851A
C:\WINDOWS\System32\drivers\bttflt.sys E3786BEBB7E4003DE324A18069DDA081
C:\WINDOWS\System32\drivers\buttonconverter.sys 03C13BB635635B9152DBF49AA07B728C
C:\WINDOWS\System32\drivers\CAD.sys 9983FF8D9834F2E67787F4BDC42A8E36
C:\WINDOWS\System32\drivers\capimg.sys 407B33DE151A3DFCF564AC4270E44B1D
C:\WINDOWS\System32\DRIVERS\cdfs.sys D3CBC6DE5955D014407C7BD1FFE80F00
C:\WINDOWS\System32\drivers\cdrom.sys 6834DBBA2A1DBA5B9B6360D0B9A3CBB5
C:\WINDOWS\System32\drivers\cht4sx64.sys 4A08B239F92B319AD31E3916D27AD4B9
C:\WINDOWS\System32\drivers\cht4vx64.sys C8EA9376E4D284F9DF24B27AC6E3AB85
C:\WINDOWS\System32\drivers\circlass.sys 3AA86DA04A561E8162C2DBBF92D12074
C:\WINDOWS\System32\drivers\cldflt.sys 4C9CDDE070A9A005CC11CF17483720A4
C:\WINDOWS\System32\drivers\CLFS.sys DB26170CF6555B9AFF76CFA067ABCF90
C:\WINDOWS\System32\drivers\CmBatt.sys 66CBF6F8FE6F436B315D7FEAF5D2BB40
C:\WINDOWS\System32\Drivers\cng.sys C87059D18F28CDDBD9188C1E32A05473
C:\WINDOWS\System32\DRIVERS\cnghwassist.sys 037DCC7A71938729CB12E8174E03031C
C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys E40C99A3E0FFF49687F2187BF3E3050D
C:\WINDOWS\System32\drivers\condrv.sys 3799A9DFB162D9AAD6AC12CB8185FD19
C:\WINDOWS\System32\drivers\dam.sys 8711386E9B04357F8F58166760759F3A
C:\WINDOWS\System32\Drivers\dfsc.sys 8A1C10410FDA4287A76EC5A64371E221
C:\WINDOWS\system32\DRIVERS\ssudbus.sys 9593475FBC857A05D93BFF4FA7323C2B
C:\WINDOWS\System32\drivers\disk.sys A79FCB89805FA9EA9F48B671A4591D4E
C:\WINDOWS\System32\drivers\dmvsc.sys F69D7A5D7EDEE16B85F08040836FB09C
C:\WINDOWS\System32\drivers\drmkaud.sys AD1BEFBF96C0273925EDC9282557D984
C:\WINDOWS\System32\drivers\dxgkrnl.sys 9DE01582E771304FC81538738CA5C7E0
C:\WINDOWS\System32\drivers\evbda.sys 75CA88887850A74DDAAAF92500B6D9B9
C:\WINDOWS\System32\drivers\EhStorClass.sys 7E838D857FC55535710C316441459C38
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 49023DD6F646B8C70AE1C105415F3E2B
C:\WINDOWS\System32\drivers\errdev.sys 1DF19D7A941CB06F8EADF89FA0BF59AD
C:\Windows\System32\Drivers\exfat.sys F03D76FD609F3490AD8661F175024CED
C:\Windows\System32\Drivers\fastfat.sys 7EB91BCA4FAC626098300885E6914BE4
C:\WINDOWS\System32\drivers\fdc.sys 6701B9973DE98578A491721B4BDE0926
C:\WINDOWS\System32\drivers\filecrypt.sys 9BC7FE262AF52B341048234809AA7D91
C:\WINDOWS\System32\drivers\fileinfo.sys 6702E71BDC30527842F86F1BF5B9F59E
C:\WINDOWS\System32\drivers\filetrace.sys 01D83D284E6B37902DB3C4D4DB0649E0
C:\WINDOWS\System32\drivers\flpydisk.sys CE9CB1DB00B5007ABFFF0717E748E919
C:\WINDOWS\System32\drivers\fltmgr.sys C5374BA2CAE89DE7269EC61A969EF5D5
C:\WINDOWS\System32\drivers\FsDepends.sys 835F9C7193B6F9A796DE76897DC56968
C:\Windows\System32\Drivers\Fs_Rec.sys A01BA0506E07F316483E99D7AD9B6E75
C:\WINDOWS\System32\DRIVERS\fvevol.sys 73721B6013AA296F935755A2EC8A3574
C:\WINDOWS\System32\drivers\vmgencounter.sys 71DBED7FB264DB60341BC796EC2E8135
C:\WINDOWS\System32\drivers\genericusbfn.sys EA5EE5EF9765A9157B346DF671952F18
C:\WINDOWS\System32\Drivers\msgpioclx.sys 6BE6550F1A32796A11EBC58BBC72C44D
C:\WINDOWS\System32\drivers\gpuenergydrv.sys 508614CAC7BF8AEE4FB9002A413919B1
C:\WINDOWS\System32\drivers\HDAudBus.sys DED74127C7A2266715C0B8EA2EE75214
C:\WINDOWS\System32\drivers\HidBatt.sys 95888B85956AF97320D1F5C354632957
C:\WINDOWS\System32\drivers\hidbth.sys 104124D3EB9D10608F80D621FA1B4525
C:\WINDOWS\System32\drivers\hidi2c.sys 6D767FEB02DF712F783BEEFF09E06431
C:\WINDOWS\System32\drivers\hidinterrupt.sys 542AB7A14235C5227A9307ACF1636F0B
C:\WINDOWS\System32\drivers\hidir.sys 1553DF41F4EE4F60B4BEEEC62264BE71
C:\WINDOWS\System32\drivers\hidusb.sys 6E3FB2047B8AE72E1B5F1C00A5F3E475
C:\WINDOWS\System32\drivers\HpSAMD.sys 621B1FFB2E4E4745484EA01B013BF1D2
C:\WINDOWS\System32\drivers\HTTP.sys 87B74C28D0A841D920B05184554C41BB
C:\WINDOWS\System32\drivers\hvcrash.sys 9E1F3BA540DB9F4942A3F50A92E5754F
C:\WINDOWS\System32\drivers\hvservice.sys 5BC33B3FEC9C98149D8225CED349901C
C:\WINDOWS\System32\Drivers\mshwnclx.sys B149905CD7451160B6BFA2191A3F6182
C:\WINDOWS\System32\drivers\hwpolicy.sys FE36689912DEC37D45B7A6C6414046FE
C:\WINDOWS\System32\drivers\hyperkbd.sys A1133368F47D514D73DD7FB4C4FD2B75
C:\WINDOWS\System32\drivers\HyperVideo.sys B68252C53556FFB52CCE18FF30FACA99
C:\WINDOWS\System32\drivers\i8042prt.sys DA179667B8CEC22E4ECBBF4210DC0E35
C:\WINDOWS\System32\drivers\iagpio.sys B5EC43755E62591197DE5CBBDAA9FEB7
C:\WINDOWS\System32\drivers\iai2c.sys D8CA23F9C5FEF44296FDE1E005C06EC0
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 7B769C9D19C013F94874C4B15D59A005
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys E0F1B3A2A70FABE3BE1C9140BB55E607
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 89A869BCC0588A3009ECB875B09ECD39
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 2E693DF3C02A0859DB8DE25772751100
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7
C:\WINDOWS\System32\drivers\iaStorA.sys 12859E1215AA083A42E7ADCDE5C061D1
C:\WINDOWS\System32\drivers\iaStorAVC.sys 26405FA714257E449581DE5D6E6200E6
C:\WINDOWS\System32\drivers\iaStorV.sys 11AC0355FE52CC8813EE6864DE7531E4
C:\WINDOWS\System32\drivers\ibbus.sys 62CD9FA7394BCDF7784CCEFC9D00C9AA
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys E37A72E55D16176707D63BF2F96C1235
C:\WINDOWS\System32\drivers\IndirectKmd.sys AA38C19A3D65E8228D822EB18037E19D
C:\WINDOWS\system32\drivers\RTKVHD64.sys D172E06EFE08DF148155A59DB716C1B6
C:\WINDOWS\system32\DRIVERS\IntcDAud.sys E300D1E37B737ED14F7A08CD5604E5D9
C:\WINDOWS\System32\drivers\intelide.sys F1B552F7ACDF6E3E4DDDB76118CAFDE3
C:\WINDOWS\System32\drivers\intelpep.sys E6CC7C1E7CEDC81D6B15BF2CF4C99109
C:\WINDOWS\System32\drivers\intelppm.sys 2CEF9DEB97B2CA327175EE8AD5F195A1
C:\WINDOWS\System32\drivers\iorate.sys 8F466DA27E6160934A695BCCEFB80AC3
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FB72A49FAD5C343C8C38948F92D87BBF
C:\WINDOWS\System32\drivers\IPMIDrv.sys 5C58142E0F1F8AA379748CC123BA7527
C:\WINDOWS\System32\drivers\ipnat.sys 7408B83959A4B8271EF67FD06A6B366B
C:\WINDOWS\System32\drivers\ipt.sys 7BEA2228C81FB6E1EADDD54D615B4C7E
C:\WINDOWS\system32\drivers\irda.sys 030AE3773151CFA728C67E38416FAD8D
C:\WINDOWS\System32\drivers\irenum.sys 79D02DC54AB4F85D2C13A728A0E36193
C:\WINDOWS\System32\drivers\isapnp.sys 38A6EC08D0067DECF7B5BA4C871B846C
C:\WINDOWS\System32\drivers\msiscsi.sys 5529131AAB75E07D9295B19E20C54DAE
C:\WINDOWS\System32\drivers\ItSas35i.sys C35FD802C800F3CBB4FD426D5A542A22
C:\WINDOWS\System32\drivers\kbdclass.sys 17F3B012B28F27E7B813A7B037A3D790
C:\WINDOWS\System32\drivers\kbdhid.sys 843B4BBD15DD0340C5C293CD419D4A76
C:\WINDOWS\System32\drivers\kdnic.sys 5BBB86F3F1700E0ACE1DF10F0EF7B227
C:\WINDOWS\System32\Drivers\ksecdd.sys 9E2603E22242B1482EB5184EBE6ED107
C:\WINDOWS\System32\Drivers\ksecpkg.sys 43C0423E16C823E22BA9E50DB06FB275
C:\WINDOWS\system32\drivers\ksthunk.sys 10F2EBC1F1C4549C355781715DE47B66
C:\WINDOWS\System32\drivers\lltdio.sys 3CF979AFF0196DF3DF5E54DFC049EB1F
C:\WINDOWS\System32\drivers\LMDriver.sys 262ACFCAC89FEC27C361969613EB29DA
C:\WINDOWS\System32\drivers\lsi_sas.sys 48380096385DB46E43D85CD92B9500DB
C:\WINDOWS\System32\drivers\lsi_sas2i.sys F708223E5829510DF0D5AF209D11C8B8
C:\WINDOWS\System32\drivers\lsi_sas3i.sys B91BCC8F670F128A4BB826ACF2C2B9D5
C:\WINDOWS\System32\drivers\lsi_sss.sys FA31CDF977CD31AF9AEAAA422966ACC1
C:\WINDOWS\system32\drivers\luafv.sys E86400D7B6E095E89CF63667D94D3F50
C:\WINDOWS\System32\drivers\mausbhost.sys BD3D311802427608403C5E73A8D6137D
C:\WINDOWS\System32\drivers\mausbip.sys 61C2D9790943D8E3AD05AE35E4A313EF
C:\WINDOWS\System32\drivers\megasas.sys 61BCE12529E96E6F0335A2A8DEB83C61
C:\WINDOWS\System32\drivers\MegaSas2i.sys CA22763F12783A9C81C512ED747CECDD
C:\WINDOWS\System32\drivers\megasas35i.sys FDB06D857FC43D654547BBB31D039DB4
C:\WINDOWS\System32\drivers\megasr.sys 230361AF74DDB91705284E024A22DF4F
C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 5AC258A5845A72B91C675F44050058B2
C:\WINDOWS\System32\drivers\mlx4_bus.sys A8931C3820D5F392D89176E0628E766E
C:\WINDOWS\system32\drivers\mmcss.sys 133BE679CF8962E52A7E927C25F41EF3
C:\WINDOWS\System32\drivers\modem.sys CA25F2D78FDD0D36E3F3071B4B317BD4
C:\WINDOWS\System32\drivers\monitor.sys 13142B3B30F633F407D5256B2FFCCEF0
C:\WINDOWS\System32\drivers\mouclass.sys 66C9CCC6A100ACF7A4514BD3091CE566
C:\WINDOWS\System32\drivers\mouhid.sys 6BE61DAF4CDC0E13940096EAC4A9F490
C:\WINDOWS\System32\drivers\mountmgr.sys 2CFB54C638F75E39FBB22723401A8A56
C:\WINDOWS\System32\drivers\mpsdrv.sys BC7C041E5AB2D7F157731456188BFCF5
C:\WINDOWS\system32\drivers\mrxdav.sys C12373EC998C6F17C0FE2D6C3CBB9C04
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 6C321DB795F5EF5FF870737177825FC9
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 42FE3D84EFE835443151DC2A50D05643
C:\WINDOWS\System32\drivers\bridge.sys F14DE177087F9E990EDE95ACE1F94662
C:\Windows\System32\Drivers\Msfs.sys 128E1D8C23F690DF1DD7AFDB214DB6ED
C:\WINDOWS\System32\drivers\msgpiowin32.sys 5A5ABA987943317300A4E55A5C5EB8C4
C:\WINDOWS\System32\drivers\mshidkmdf.sys D727DEA75E316C80793C7098225D3F56
C:\WINDOWS\System32\drivers\mshidumdf.sys E12A703CE10B068727499276340D5296
C:\WINDOWS\System32\drivers\msisadrv.sys 8E42D6B92CB4567467E29F58F2E31715
C:\WINDOWS\System32\drivers\MSKSSRV.sys 2F3B9A23F8DEE9C3AD58CB3D966D83DD
C:\WINDOWS\System32\drivers\mslldp.sys AECFFBE104D428E8A74BCABF5B3B9912
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 83364A92271339D8042C9DD5FD938A84
C:\WINDOWS\System32\drivers\MSPQM.sys AE5A4B89CDFF544B6481970BFD48A056
C:\Windows\System32\Drivers\MsRPC.sys 63794CE6137D70D2E8468E147A89BD76
C:\WINDOWS\System32\drivers\mssmbios.sys 4566CB65F176CE5CD8FCA487D2E3A64B
C:\WINDOWS\System32\drivers\MSTEE.sys 8A11E03B32840C0B73C14D16794F1A8A
C:\WINDOWS\System32\drivers\MTConfig.sys 794285C4F166B8108292E63FEA3C41E3
C:\WINDOWS\System32\Drivers\mup.sys EEB9D3E90B83546864211D63C1A0A74A
C:\WINDOWS\System32\drivers\mvumis.sys 69CECA6726FAD321F5643B16A1FF3934
C:\WINDOWS\System32\DRIVERS\nwifi.sys 84E984CE780DDAFDC1460C0DDBDE0DF3
C:\WINDOWS\System32\drivers\ndfltr.sys AB9EB3CADF4D415B598487397476A23A
C:\WINDOWS\System32\drivers\ndis.sys E54D9AC4A3315D7E775ECC7B06F373DC
C:\WINDOWS\System32\drivers\ndiscap.sys AF73B18F3096B165A6F4417C5ED36B01
C:\WINDOWS\System32\drivers\NdisImPlatform.sys 1A9B1F5B8B131CE461A01C9424E149D7
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 4C8BBD7EE829CE9BFB8E21134AC477E0
C:\WINDOWS\System32\drivers\ndisuio.sys 76DB7B344F90A29A16CB6B7C67B87CF6
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys A76D79B71300EB3FEDD3D12D4C6F1D76
C:\WINDOWS\System32\drivers\ndiswan.sys 407FC276F4E21FC9BF40D8F78E9D96AE
C:\WINDOWS\System32\DRIVERS\ndiswan.sys 407FC276F4E21FC9BF40D8F78E9D96AE
C:\WINDOWS\System32\DRIVERS\NDProxy.sys 934E4A5CFD9CB891CD338052FA3467C6
C:\WINDOWS\System32\drivers\Ndu.sys 0E3B0F3645D1BAE79397C66FE8AF6402
C:\WINDOWS\System32\drivers\NetAdapterCx.sys A704515CF3038668E9E2CA66E31A0700
C:\WINDOWS\System32\drivers\netbios.sys DD09E3115DF2CDB36FED21E67149EB91
C:\WINDOWS\System32\DRIVERS\netbt.sys A6C01E478CD9ED26F6FB7ABCF9A2C773
C:\WINDOWS\System32\drivers\netvsc.sys DA8548D75434CE421BF921BAAC0916D9
C:\Windows\System32\Drivers\Npfs.sys 7190932DB00BE83B57C01B5EAC4D746B
C:\WINDOWS\System32\drivers\npsvctrig.sys 218DB396170D77BB94F69B526CC51B8F
C:\WINDOWS\System32\drivers\nsiproxy.sys A4952889D7C5804F17ABB9F454A371C2
C:\Windows\System32\Drivers\Ntfs.sys D17E3E9423FC7493DECD896B699E5407
C:\Windows\System32\Drivers\Null.sys C029E5408EEE26C3B4E5BA5D29738DB8
C:\WINDOWS\System32\drivers\nvdimm.sys 189E5FCB96ABFEA84239A16062256EE4
C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys 88F3EEDD47473E7206C0A049AE96A0F7
C:\WINDOWS\System32\drivers\nvraid.sys 1F50ED95984009BF3634D6BD1A16FA5B
C:\WINDOWS\System32\drivers\nvstor.sys D6C14906B78F235461EEF96A886830D4
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 9408391358F3B9FD0F59E27151383C51
C:\WINDOWS\system32\drivers\nvvad64v.sys 6AC68DDFCAC19A300D738AF3493E46AA
C:\WINDOWS\System32\drivers\parport.sys 13B175715A4391E4E5D2AB2EBC8CDBB5
C:\WINDOWS\System32\drivers\partmgr.sys 428B9FAFB0EE6EF66EAAB7B49A96487A
C:\WINDOWS\System32\drivers\pci.sys 171FEE651F837DE6BC0831EB2EE6E667
C:\WINDOWS\System32\drivers\pciide.sys C447CDA030A3415711E4E940D2E9B399
C:\WINDOWS\System32\drivers\pcmcia.sys 753174DF234EA8BBF732986D5F78FCE7
C:\WINDOWS\System32\drivers\pcw.sys 1D05B6DE437515281CD91A16C16529E6
C:\WINDOWS\System32\drivers\pdc.sys F5F1A092463D6E46E71CC709A65403D1
C:\WINDOWS\System32\drivers\peauth.sys 42B12A76D3C98AE69C97727E3BEC7D8A
C:\WINDOWS\System32\drivers\percsas2i.sys CD9BA1C279BE0E92E971C2B45A7F3D9B
C:\WINDOWS\System32\drivers\percsas3i.sys 6D5EA79E82A48B181E18C2C39416E8C8
C:\WINDOWS\System32\drivers\pmem.sys E8BE4041A69023B6A4D1096EE8436347
C:\WINDOWS\System32\drivers\pnpmem.sys 99ECEDA6B2E1FDB6892FBD5AED1E5D99
C:\WINDOWS\System32\drivers\raspptp.sys 1FB09FD846D5030B82EB345E9970A105
C:\WINDOWS\System32\drivers\processr.sys E0E55CDA29C80A9520FCFC78D7F8A73D
C:\WINDOWS\System32\drivers\pacer.sys E4BF8BE7B3711BCBBC95EE983C0236F4
C:\WINDOWS\System32\drivers\Qcamainx64.sys D76F885983B04E8BE2D1BDEF118A097E
C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys E8A44A8D55FCAFCDB56355B649650DAF
C:\WINDOWS\system32\drivers\qwavedrv.sys 00F72861538B6C4E925A21BAE397A49D
C:\WINDOWS\System32\drivers\RadioShim.sys 911BD6CE96BB62D7779A74498089BCE2
C:\WINDOWS\System32\DRIVERS\ramdisk.sys 0FFABEB2D06CD74DDE0BCA510EEAEEBC
C:\WINDOWS\System32\DRIVERS\rasacd.sys B834761352403111D0113284D8736025
C:\WINDOWS\System32\drivers\AgileVpn.sys FA99CE309B66586A0AA6EF9CFF7BC467
C:\WINDOWS\System32\drivers\rasl2tp.sys 775ED7E51B58CF9EB415A1DBA540DACF
C:\WINDOWS\System32\DRIVERS\raspppoe.sys E2433A620ABF4083157944E4692C500D
C:\WINDOWS\System32\drivers\rassstp.sys EE5D1D51FA74ECCE57CF2DB8F6A417D8
C:\WINDOWS\System32\DRIVERS\rdbss.sys 8CBCB14A22D48DE6EADFAED372AF870D
C:\WINDOWS\System32\drivers\rdpbus.sys 206AB796793FDBD518B82E2F308A7176
C:\WINDOWS\System32\drivers\rdpdr.sys 3DE4216324BE32FC3AF7667AE2406EE5
C:\WINDOWS\System32\drivers\rdpvideominiport.sys 0600DF60EF88FD10663EC84709E5E245
C:\WINDOWS\System32\drivers\rdyboost.sys 65652EFAAF4A8A59E60A2D7BE15317E8
C:\Windows\System32\Drivers\ReFS.sys 3DCB3FAFE46B9FE41C9065EBBED97724
C:\Windows\System32\Drivers\ReFSv1.sys B76350D40A46DBA17205F8373528FD83
C:\WINDOWS\System32\drivers\rhproxy.sys 3D4F4CCE0364CD3F1B539D2630686F24
C:\WINDOWS\System32\drivers\rspndr.sys FFFB16EF6E0B8B5F7F19B425923E7D12
C:\WINDOWS\System32\drivers\rt640x64.sys 12A3D1530E3F67B8664EBA923A3981E4
C:\WINDOWS\system32\Drivers\RtsUer.sys 87CCF37EC2858FCF7689F8FC0B72F39A
C:\WINDOWS\System32\drivers\vms3cap.sys A2939E69027B97105014434BFBFF7195
C:\WINDOWS\System32\drivers\sbp2port.sys 04C51BBD8C9F54E5F2C5D831B03B11E3
C:\WINDOWS\System32\DRIVERS\scfilter.sys 0070C2DC6563C48EDA63A282748F3FCD
C:\WINDOWS\System32\drivers\scmbus.sys A61C34A8B6BA61E61C612CAD636C369F
C:\WINDOWS\System32\drivers\sdbus.sys 495273177E87B0C34D7E431E9254FA23
C:\WINDOWS\System32\drivers\SDFRd.sys 9EF09DE84CE20B787C02395394AC2A7E
C:\WINDOWS\System32\drivers\sdstor.sys F80D6C03FEA2F7DEE14023B7229DA8C2
C:\WINDOWS\System32\drivers\SerCx.sys C5CF2941AA9E417B3A224601255C002E
C:\WINDOWS\System32\drivers\SerCx2.sys B9C113BD9FCA4F3E23F03708A7DA07CC
C:\WINDOWS\System32\drivers\serenum.sys 1845736FA47A1DFBBB642FE21095B4E0
C:\WINDOWS\System32\drivers\serial.sys F1BABF50469041797ED9928C31318832
C:\WINDOWS\System32\drivers\sermouse.sys 340116988930B07629A2D0C2B380A365
C:\WINDOWS\System32\drivers\sfloppy.sys 77FF0A5BA023D8E8C82EACCD54EA5C78
C:\WINDOWS\System32\drivers\SgrmAgent.sys 1941F5CA54C469E16957587FD56ED842
C:\WINDOWS\System32\drivers\SiSRaid2.sys 1443CF919C2A3207CE7724E0A31686A2
C:\WINDOWS\System32\drivers\sisraid4.sys C0B1EAD6CC127CAE4E84EBF54105B3B8
C:\WINDOWS\System32\drivers\spaceport.sys FF44BF888D6F8046FD4FCBF96A5FCE65
C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys FE1776E587227120DC04EAEC45473245
C:\WINDOWS\System32\drivers\SpbCx.sys D05EB2BB52EC6B665D1631EC33241B80
C:\WINDOWS\System32\DRIVERS\srv.sys ED80563D25C600CA00523D5ACD63F96F
C:\WINDOWS\System32\DRIVERS\srv2.sys D9EFD1D7829994F16141DA4FB6ACAABC
C:\WINDOWS\System32\DRIVERS\srvnet.sys 93DF24D0C33F2894429D4180145CBDA7
C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 592FF34A2FD6C6351B8A3AA76B2C0A9E
C:\WINDOWS\System32\drivers\stexstor.sys DA82903F26AE12034CC5229F61098948
C:\WINDOWS\System32\drivers\storahci.sys F2D1983C7BEF5E3AB8978A7796C59A75
C:\WINDOWS\System32\drivers\vmstorfl.sys 76C9E2AA3400C22FC7091AD2F2999F95
C:\WINDOWS\System32\drivers\stornvme.sys 701078F20919BD635EA25F691880F651
C:\WINDOWS\System32\drivers\storqosflt.sys 16CEC85543981EE1D01978C210462993
C:\WINDOWS\System32\drivers\storufs.sys 25D7B79F80F3C2CD97D797C14D470165
C:\WINDOWS\System32\drivers\storvsc.sys 1FC7B7BE58A29DF27F5E6F6C2F061FA3
C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys 54255DF324C621A97220EBFA832237D2
C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys DC6ACBBBA547BF6F7425986B4EDC2091
C:\WINDOWS\System32\drivers\Synth3dVsc.sys A2A42A570524C975259E3B81C4D80DCA
C:\WINDOWS\System32\drivers\tcpip.sys B8BED15865E17E73CF19A23CD6EB9FB7
C:\WINDOWS\System32\drivers\tcpip.sys B8BED15865E17E73CF19A23CD6EB9FB7
C:\WINDOWS\System32\drivers\tcpipreg.sys 085F8A5F09E64CC27309AF160EF4F9BA
C:\WINDOWS\system32\DRIVERS\tdx.sys 16071C42E21CE3378FA449322FB9AB1D
C:\WINDOWS\System32\drivers\terminpt.sys B2C4D7CB291293CAC636748E695D111E
C:\WINDOWS\System32\drivers\tpm.sys 330F5AA122A302F0244D918B9C92C9D1
C:\WINDOWS\System32\drivers\tsusbflt.sys 0D721F40C179EC5737C15E551F22C69B
C:\WINDOWS\System32\drivers\TsUsbGD.sys DE1296871208D1F13B7AC57C4B1FA46C
C:\WINDOWS\System32\drivers\tunnel.sys BC938ABBF586272BD4063CA51F09149F
C:\WINDOWS\System32\drivers\uaspstor.sys BDFACE024EFF2398214797143AD76C87
C:\WINDOWS\System32\Drivers\UcmCx.sys 00C4396DE1CD3502884BB2E2B6D6861C
C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys ED9CBD1541C8AFDAA9B8255A384E2B53
C:\WINDOWS\System32\drivers\UcmUcsi.sys F58F1BC6A6972437CE18516F8ACCEB9F
C:\WINDOWS\System32\drivers\ucx01000.sys 017FB9532F54B28EFC1E37A91DB9ECC5
C:\WINDOWS\System32\drivers\udecx.sys 12E2B6B642360E66396502B62B048694
C:\WINDOWS\System32\DRIVERS\udfs.sys 6A442723D4D05D9F15D24C9942CDA00D
C:\WINDOWS\System32\drivers\UEFI.sys D30AF38971B6670C222250AC2CBB6227
C:\WINDOWS\System32\drivers\ufx01000.sys 588B9212DEE84F5192C09A147AA5C316
C:\WINDOWS\System32\drivers\UfxChipidea.sys 78B5C069C9AA1463ACC833FD7E2A3BD5
C:\WINDOWS\System32\drivers\ufxsynopsys.sys 533BF4F456A1C6E7581E8C0A4EC59300
C:\WINDOWS\System32\drivers\umbus.sys 360FEE6F687D98EFFE46A5433FE6182E
C:\WINDOWS\System32\drivers\umpass.sys F6F1A9D91F684AA02951B96EE8127DAE
C:\WINDOWS\System32\drivers\urschipidea.sys 49A5E1B43C59DC0E363AD9C2D7D10BE4
C:\WINDOWS\System32\drivers\urscx01000.sys 53F1DA2D92D1D8CE4BB9D33E58D7DF01
C:\WINDOWS\System32\drivers\urssynopsys.sys 09518A324B95BBC0B472BD5A472CB916
C:\WINDOWS\System32\drivers\usbccgp.sys B7211393225AB05324C52BA47B31FEB4
C:\WINDOWS\System32\drivers\usbcir.sys 250D21958EE5F45CD13FE6BE3788EE70
C:\WINDOWS\System32\drivers\usbehci.sys 4269DE1EB8029D55B3BB3A8A330FCF90
C:\WINDOWS\System32\drivers\usbhub.sys D67AABAE0C9EBAC9BBA2E20E0AF52EF1
C:\WINDOWS\System32\drivers\UsbHub3.sys 95A5A70091854B99C09A4231E5050C65
C:\WINDOWS\System32\drivers\usbohci.sys A547E7B1B3FB2228259AA85AC7E82698
C:\WINDOWS\System32\drivers\usbprint.sys 692C0BA4109C8F78392A299369F51129
C:\WINDOWS\System32\drivers\usbser.sys 45A9E57185B79420EFEA5A4AED655809
C:\WINDOWS\System32\drivers\USBSTOR.SYS CEF7527514EC49EBE0C760D784643EF0
C:\WINDOWS\System32\drivers\usbuhci.sys A4124036C4FD2B94C6157C4588EEB4E3
C:\WINDOWS\System32\Drivers\usbvideo.sys 9431F7E997A8750139517709B04D8629
C:\WINDOWS\System32\drivers\USBXHCI.SYS 9F4CCFCD4B4C6008C940510E43D54AEC
C:\WINDOWS\System32\drivers\vdrvroot.sys 8DCB7E5A9497C030484E5AD9E541B85C
C:\WINDOWS\System32\drivers\VerifierExt.sys 5C25C1A89650C95D15F7988D71487B08
C:\WINDOWS\System32\drivers\vhdmp.sys 621BC9225307C834A0DCE2842052A6B8
C:\WINDOWS\System32\drivers\vhf.sys EDCD732D7845A2B21B91C7D0CE96DA10
C:\WINDOWS\System32\drivers\vmbus.sys AD63BC4A11A4FD436ED23208BB8D1A9C
C:\WINDOWS\System32\drivers\VMBusHID.sys E2D57FB1A62F0BB7F70570806A09CE2B
C:\WINDOWS\System32\drivers\vmgid.sys 7D778F1E82EBA9F5A4DD392CFD3C4224
C:\WINDOWS\System32\drivers\volmgr.sys 708410755721F94FC8939673893C2E2B
C:\WINDOWS\System32\drivers\volmgrx.sys 1514506CA7462A64DC38C48108DDBB45
C:\WINDOWS\System32\drivers\volsnap.sys F0EE4E6028CCA58BEA9A04E7BEAB7DB4
C:\WINDOWS\System32\drivers\volume.sys 77FD1607F2C371ABD241EC7699C58884
C:\WINDOWS\System32\drivers\vpci.sys A8E3A6BA6A1B4D1DFEC5E8D5CFF786DF
C:\WINDOWS\System32\drivers\vsmraid.sys ED0B3436E1DE601C6C8EB86789AC8BAB
C:\WINDOWS\System32\drivers\vstxraid.sys 3D706FBED35DF3B17809C6714F31F9B0
C:\WINDOWS\System32\drivers\vwifibus.sys 0B11DBB8173AD374D67893D54EBEE9F3
C:\WINDOWS\System32\drivers\vwififlt.sys 95540F74893235C189409C98643D7A77
C:\WINDOWS\System32\drivers\vwifimp.sys 60A14582772A4DF0D0BE27B3F873BE6B
C:\WINDOWS\System32\drivers\wacompen.sys 87A01F65BD16C9FCCDD1B65F56CB93B0
C:\WINDOWS\System32\DRIVERS\wanarp.sys 78284C8CA31F9DC0B572F34CCA29A360
C:\WINDOWS\System32\DRIVERS\wanarp.sys 78284C8CA31F9DC0B572F34CCA29A360
C:\WINDOWS\system32\drivers\wcifs.sys 8A304D6CDC067922448CBA1EBB9FFCA8
C:\WINDOWS\system32\drivers\wcnfs.sys 8E899F2D39BBE4BD49A1E36C3E8A1E5F
C:\WINDOWS\System32\drivers\wd\WdBoot.sys E7E16778C8440BB459C94B5AD8282491
C:\WINDOWS\System32\drivers\Wdf01000.sys 152926023B401D1F5F8852929572F5C3
C:\WINDOWS\System32\drivers\wd\WdFilter.sys 421A69C03BEB260A1CCAFFD3435AD587
C:\WINDOWS\System32\DRIVERS\wdiwifi.sys 7CF63F36E6271E9647CE3C44F95DD613
C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys EAF4FB729E94561EE31BDE5BEF869C65
C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys E385410A4C16A62E9B6CC2DFF3C7C921
C:\WINDOWS\System32\drivers\wfplwfs.sys EB0B154F12F78DE232F38EF61BCDEEA2
C:\WINDOWS\System32\drivers\wimmount.sys 3AE28A996C9EB8A6F2AC12BC55035126
C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 2BB82BABE32D41F430D290239ABC0E87
C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 5F0EDDA201630E132C2251BC9DA85023
C:\WINDOWS\System32\drivers\winmad.sys 762D8D839C44C5A0BE0449AA84034522
C:\WINDOWS\System32\drivers\winnat.sys C5AE3E1B653FD1F8072BE67D2BA28160
C:\WINDOWS\System32\drivers\WinUSB.SYS 6FA3D810FE082001B16ADE19829F1E8E
C:\WINDOWS\System32\drivers\winverbs.sys D2D6DB37E06608A5AF5B68D8E677B219
C:\WINDOWS\System32\drivers\wmiacpi.sys EAEF2A087812BB7110C744446AB731D5
C:\Windows\System32\Drivers\Wof.sys E122AD60BF4D7E4B28CCBABF33B28C1F
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 15C1131EA0216F799C86B03EDAE0BE45
C:\WINDOWS\system32\drivers\ws2ifsl.sys C1C2E769FCD3B00A59FF876FB2AD4336
C:\WINDOWS\System32\drivers\WudfPf.sys 813DC18CC654CFB1875074139B0FEFD3
C:\WINDOWS\System32\drivers\WudfRd.sys FB64BAD6DEDB27EA39B03685AC0A8EB4
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys FB64BAD6DEDB27EA39B03685AC0A8EB4
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys FB64BAD6DEDB27EA39B03685AC0A8EB4
C:\WINDOWS\System32\drivers\xboxgip.sys 93352403D9E6B71C275996690672488F
C:\WINDOWS\System32\drivers\xinputhid.sys CE1F78B5C1F14F74242008B2B3153FA2

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-26 18:39 - 2019-01-26 18:40 - 000045122 _____ C:\Users\Martina Kirchnerová\Downloads\FRST.txt
2019-01-26 18:37 - 2019-01-26 18:39 - 000000000 ____D C:\FRST
2019-01-26 18:36 - 2019-01-26 18:37 - 002428416 _____ (Farbar) C:\Users\Martina Kirchnerová\Downloads\FRST64.exe
2019-01-19 15:56 - 2019-01-19 17:09 - 000000000 ____D C:\Program Files\trend micro
2019-01-19 15:56 - 2019-01-19 15:56 - 000000000 ____D C:\rsit
2019-01-19 15:55 - 2019-01-19 15:55 - 001222144 _____ C:\Users\Martina Kirchnerová\Downloads\RSITx64.exe
2019-01-19 15:37 - 2019-01-19 15:38 - 000000000 ____D C:\AdwCleaner
2019-01-19 15:36 - 2019-01-19 15:36 - 007320272 _____ (Malwarebytes) C:\Users\Martina Kirchnerová\Downloads\adwcleaner_7.2.6.0.exe
2019-01-19 15:26 - 2019-01-19 15:26 - 000188496 _____ C:\Users\Martina Kirchnerová\Documents\záloha registru.reg
2019-01-19 15:17 - 2019-01-19 15:17 - 000000000 ____D C:\Users\Martina Kirchnerová\AppData\Local\OneDrive
2019-01-19 15:13 - 2019-01-19 15:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-19 15:11 - 2019-01-19 15:11 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-19 15:09 - 2019-01-19 15:09 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-19 15:09 - 2019-01-19 15:09 - 000002916 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-19 15:09 - 2019-01-19 15:09 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-19 15:09 - 2019-01-19 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-19 15:09 - 2019-01-19 15:09 - 000000000 ____D C:\Program Files\CCleaner
2019-01-19 15:08 - 2019-01-19 15:08 - 019350312 _____ (Piriform Software Ltd) C:\Users\Martina Kirchnerová\Downloads\cctrialsetup.exe
2019-01-19 14:58 - 2019-01-19 14:58 - 000000000 ____D C:\Users\Martina Kirchnerová\Intel
2019-01-19 14:36 - 2019-01-19 15:03 - 000000000 ____D C:\Users\Martina Kirchnerová\AppData\Local\D3DSCache
2019-01-10 19:46 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-09 18:20 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 18:20 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 18:20 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 18:20 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 18:20 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 18:20 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 18:20 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 18:20 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 18:20 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 18:20 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 18:20 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 18:20 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 18:20 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 18:20 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 18:20 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 18:20 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 18:20 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 18:20 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 18:20 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 18:20 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 18:20 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 18:20 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 18:20 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 18:20 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 18:20 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 18:20 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 18:20 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 18:20 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 18:20 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 18:20 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 18:20 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 18:20 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 18:20 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 18:20 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 18:19 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 18:19 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 18:19 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 18:19 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 18:19 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 18:19 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 18:19 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 18:19 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 18:19 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 18:19 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 18:19 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 18:19 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 18:19 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 18:19 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 18:19 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 18:19 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 18:19 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 18:19 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 18:19 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 18:19 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 18:19 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 18:19 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 18:19 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 18:19 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 18:19 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 18:19 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 18:19 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 18:19 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 18:19 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 18:19 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 18:19 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 18:19 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 18:19 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 18:19 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 18:19 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 18:19 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 18:19 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 18:19 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 18:19 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 18:19 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 18:19 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 18:19 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 18:19 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 18:19 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 18:19 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 18:19 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 18:19 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 18:19 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 18:19 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 18:19 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 18:19 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 18:19 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 18:19 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-12-19 21:06 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-19 21:06 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-19 21:06 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-19 21:05 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-19 21:05 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-19 21:05 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-19 21:05 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-19 21:05 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-19 21:05 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-19 21:05 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-19 21:05 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-19 21:05 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-19 21:05 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-19 21:05 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-19 21:05 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-19 21:05 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-19 21:05 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-12 14:40 - 2018-12-08 13:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-12 14:40 - 2018-12-08 13:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-12 14:40 - 2018-12-08 13:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 14:40 - 2018-12-08 13:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-12 14:40 - 2018-12-08 13:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-12 14:40 - 2018-12-08 13:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 14:40 - 2018-12-08 13:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-12 14:40 - 2018-12-08 09:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-12-12 14:40 - 2018-12-08 09:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-12 14:40 - 2018-12-08 09:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-12 14:40 - 2018-12-08 09:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-12 14:40 - 2018-12-08 08:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-12 14:40 - 2018-12-08 08:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-12 14:40 - 2018-12-08 08:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-12 14:40 - 2018-12-08 08:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-12-12 14:40 - 2018-12-08 08:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-12 14:40 - 2018-12-08 08:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-12 14:40 - 2018-11-09 07:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-12 14:40 - 2018-11-09 03:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-12-12 14:40 - 2018-11-09 03:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-12 14:39 - 2018-12-08 13:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-12 14:39 - 2018-12-08 13:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-12-12 14:39 - 2018-12-08 13:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-12-12 14:39 - 2018-12-08 13:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-12 14:39 - 2018-12-08 13:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-12-12 14:39 - 2018-12-08 13:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-12-12 14:39 - 2018-12-08 13:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-12 14:39 - 2018-12-08 13:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-12-12 14:39 - 2018-12-08 13:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-12 14:39 - 2018-12-08 13:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-12 14:39 - 2018-12-08 13:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 14:39 - 2018-12-08 13:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 14:39 - 2018-12-08 13:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-12-12 14:39 - 2018-12-08 13:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 14:39 - 2018-12-08 13:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 14:39 - 2018-12-08 13:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-12 14:39 - 2018-12-08 09:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-12 14:39 - 2018-12-08 09:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-12 14:39 - 2018-12-08 09:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-12 14:39 - 2018-12-08 09:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-12 14:39 - 2018-12-08 09:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-12 14:39 - 2018-12-08 09:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-12 14:39 - 2018-12-08 09:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-12 14:39 - 2018-12-08 09:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2018-12-12 14:39 - 2018-12-08 09:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-12 14:39 - 2018-12-08 09:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-12-12 14:39 - 2018-12-08 09:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-12-12 14:39 - 2018-12-08 09:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-12-12 14:39 - 2018-12-08 09:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-12 14:39 - 2018-12-08 09:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-12-12 14:39 - 2018-12-08 09:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2018-12-12 14:39 - 2018-12-08 09:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-12-12 14:39 - 2018-12-08 09:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-12 14:39 - 2018-12-08 09:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-12 14:39 - 2018-12-08 09:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-12-12 14:39 - 2018-12-08 09:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-12 14:39 - 2018-12-08 09:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-12-12 14:39 - 2018-12-08 09:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 14:39 - 2018-12-08 09:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-12 14:39 - 2018-12-08 09:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-12 14:39 - 2018-12-08 08:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 14:39 - 2018-12-08 08:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-12-12 14:39 - 2018-12-08 08:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-12 14:39 - 2018-12-08 08:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-12-12 14:39 - 2018-12-08 08:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-12 14:39 - 2018-12-08 08:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-12 14:39 - 2018-12-08 08:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-12-12 14:39 - 2018-12-08 08:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-12-12 14:39 - 2018-12-08 08:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-12 14:39 - 2018-12-08 08:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-12-12 14:39 - 2018-12-08 08:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-12-12 14:39 - 2018-12-08 08:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-12 14:39 - 2018-12-08 08:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-12-12 14:39 - 2018-12-08 08:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-12-12 14:39 - 2018-12-08 08:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-12 14:39 - 2018-12-08 08:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-12 14:39 - 2018-12-08 08:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-12 14:39 - 2018-12-08 08:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-12-12 14:39 - 2018-12-08 08:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-12 14:39 - 2018-12-08 08:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-12 14:39 - 2018-12-08 08:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-12 14:39 - 2018-12-08 08:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-12-12 14:39 - 2018-12-08 08:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-12 14:39 - 2018-12-08 08:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-12-12 14:39 - 2018-12-08 08:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-12-12 14:39 - 2018-12-08 08:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-12 14:39 - 2018-12-08 08:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-12-12 14:39 - 2018-12-08 08:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-12-12 14:39 - 2018-12-08 08:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-12 14:39 - 2018-12-08 08:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-12-12 14:39 - 2018-12-08 08:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-12-12 14:39 - 2018-12-08 08:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2018-12-12 14:39 - 2018-12-08 08:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-12-12 14:39 - 2018-12-08 08:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-12 14:39 - 2018-12-08 08:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-12 14:39 - 2018-12-08 08:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-12-12 14:39 - 2018-12-08 08:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-12-12 14:39 - 2018-12-08 08:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-12 14:39 - 2018-12-08 08:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-12-12 14:39 - 2018-12-08 08:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-12-12 14:39 - 2018-12-08 08:32 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-12 14:39 - 2018-12-08 08:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-12 14:39 - 2018-12-08 08:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-12 14:39 - 2018-12-08 08:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 14:39 - 2018-12-08 08:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-12-12 14:39 - 2018-12-08 08:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-12 14:39 - 2018-12-08 08:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-12-12 14:39 - 2018-12-08 08:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-12 14:39 - 2018-12-08 08:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-12 14:39 - 2018-12-08 08:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-12 14:39 - 2018-12-08 08:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-12-12 14:39 - 2018-12-08 08:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-12-12 14:39 - 2018-12-08 08:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2018-12-12 14:39 - 2018-12-08 08:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-12-12 14:39 - 2018-12-08 08:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-12-12 14:39 - 2018-12-08 08:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-12-12 14:39 - 2018-12-08 08:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-12 14:39 - 2018-12-08 08:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-12-12 14:39 - 2018-12-08 08:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-12-12 14:39 - 2018-12-08 08:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 14:39 - 2018-11-09 06:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-12-12 14:39 - 2018-11-09 06:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-12-12 14:39 - 2018-11-09 06:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-12-12 14:39 - 2018-11-09 06:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-12-12 14:39 - 2018-11-09 06:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-12-12 14:39 - 2018-11-09 06:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-12-12 14:39 - 2018-11-09 06:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-12 14:39 - 2018-11-09 06:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-12-12 14:39 - 2018-11-09 06:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-12-12 14:39 - 2018-11-09 06:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-12 14:39 - 2018-11-09 06:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-12-12 14:39 - 2018-11-09 06:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-12-12 14:39 - 2018-11-09 06:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-12-12 14:39 - 2018-11-09 06:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-12-12 14:39 - 2018-11-09 06:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-12-12 14:39 - 2018-11-09 03:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-12-12 14:39 - 2018-11-09 03:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-12-12 14:39 - 2018-11-09 03:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-12-12 14:39 - 2018-11-09 03:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-12-12 14:39 - 2018-11-09 03:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-12 14:39 - 2018-11-09 03:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-12 14:39 - 2018-11-09 03:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-12-12 14:39 - 2018-11-09 03:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-12-12 14:39 - 2018-11-09 03:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-12-12 14:39 - 2018-11-09 03:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-12 14:39 - 2018-11-09 03:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-12-12 14:39 - 2018-11-09 03:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-12-12 14:39 - 2018-11-09 03:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-12 14:39 - 2018-11-09 03:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-12-12 14:39 - 2018-11-09 03:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-12-12 14:39 - 2018-11-09 03:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-12 14:39 - 2018-11-09 03:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-12-12 14:39 - 2018-11-09 03:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-12-12 14:39 - 2018-11-09 03:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-12 14:39 - 2018-11-09 03:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-12-12 14:39 - 2018-11-09 03:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-12-12 14:39 - 2018-11-09 03:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-12-12 14:39 - 2018-11-09 03:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-12 14:39 - 2018-11-09 03:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-12-12 14:39 - 2018-11-09 03:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-12-12 14:39 - 2018-11-09 03:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-12-12 14:39 - 2018-11-09 03:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-12-12 14:39 - 2018-11-09 03:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-12-12 14:39 - 2018-11-09 03:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-12-12 14:39 - 2018-11-09 03:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-12 14:39 - 2018-11-09 03:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-12-12 14:39 - 2018-11-09 03:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-12-12 14:39 - 2018-11-09 03:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-12 14:39 - 2018-11-09 02:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-12-12 14:39 - 2018-11-09 02:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-12-12 14:39 - 2018-11-09 02:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-12-12 14:39 - 2018-11-09 02:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-12-12 14:39 - 2018-11-09 02:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-12-12 14:39 - 2018-11-09 02:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-12-12 14:39 - 2018-11-09 02:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-12-12 14:39 - 2018-11-09 02:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-12 14:39 - 2018-11-09 02:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-12-12 14:39 - 2018-11-09 02:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-12 14:39 - 2018-11-09 02:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-12-12 14:39 - 2018-11-09 02:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-12-12 14:39 - 2018-11-09 02:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-12-12 14:38 - 2018-12-08 13:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-12 14:38 - 2018-12-08 13:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-12 14:38 - 2018-12-08 13:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-12 14:38 - 2018-12-08 13:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-12 14:38 - 2018-12-08 09:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-12 14:38 - 2018-12-08 09:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-12-12 14:38 - 2018-12-08 08:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-12-12 14:38 - 2018-12-08 08:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-12 14:38 - 2018-12-08 08:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2018-12-12 14:38 - 2018-12-08 08:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-12-12 14:38 - 2018-12-08 08:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-12 14:38 - 2018-12-08 08:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-12 14:38 - 2018-12-08 08:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-12 14:38 - 2018-12-08 08:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2018-12-12 14:38 - 2018-12-08 08:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-12 14:38 - 2018-12-08 08:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-12-12 14:38 - 2018-12-08 08:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-12 14:38 - 2018-12-08 08:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-12 14:38 - 2018-12-08 08:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-12 14:38 - 2018-12-08 08:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2018-12-12 14:38 - 2018-12-08 08:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-12 14:38 - 2018-12-08 08:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-12 14:38 - 2018-12-08 08:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-12 14:38 - 2018-12-08 08:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-12-12 14:38 - 2018-12-08 08:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-12 14:38 - 2018-12-08 08:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2018-12-12 14:38 - 2018-12-08 08:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-12 14:38 - 2018-12-08 08:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-12 14:38 - 2018-12-08 08:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-12 14:38 - 2018-12-08 08:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-12 14:38 - 2018-12-08 08:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-12 14:38 - 2018-11-09 07:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-12 14:38 - 2018-11-09 06:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-12-12 14:38 - 2018-11-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-12 14:38 - 2018-11-09 06:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-12-12 14:38 - 2018-11-09 03:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-12-12 14:38 - 2018-11-09 03:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2018-12-12 14:38 - 2018-11-09 03:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-12 14:38 - 2018-11-09 03:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-12-12 14:38 - 2018-11-09 03:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-12 14:38 - 2018-11-09 03:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2018-12-12 14:38 - 2018-11-09 03:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2018-12-12 14:38 - 2018-11-09 03:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-12-12 14:38 - 2018-11-09 03:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-12-12 14:38 - 2018-11-09 03:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-12-12 14:38 - 2018-11-09 02:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-12 14:38 - 2018-11-09 02:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-12 14:38 - 2018-11-09 02:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-12-12 14:38 - 2018-11-09 02:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2018-12-12 14:38 - 2018-11-09 02:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-12-12 14:38 - 2018-11-09 02:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-12-12 14:38 - 2018-11-09 02:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-11-19 17:46 - 2019-01-02 20:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-19 17:46 - 2019-01-02 20:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 21:14 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-16 21:14 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-16 21:14 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-16 21:14 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-16 21:14 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-16 21:14 - 2018-10-21 13:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-16 21:14 - 2018-10-21 08:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-16 21:14 - 2018-10-21 08:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-16 21:14 - 2018-10-21 08:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-16 21:13 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-16 21:13 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-16 21:13 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-16 21:13 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-16 21:13 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-16 21:13 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-16 21:13 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-16 21:13 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-16 21:13 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-16 21:13 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-16 21:13 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-16 21:13 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-16 21:13 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-16 21:13 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-16 21:13 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-16 21:13 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-16 21:13 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-16 21:13 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-16 21:13 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-16 21:13 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-16 21:13 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-16 21:13 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-16 21:13 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-16 21:13 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-16 21:13 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-16 21:13 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-16 21:13 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-16 21:13 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-16 21:13 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-16 21:13 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-16 21:13 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-16 21:13 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-16 21:13 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-16 21:13 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-16 21:13 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-16 21:13 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-16 21:13 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-16 21:13 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-16 21:13 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-16 21:13 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-16 21:13 - 2018-10-21 14:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-16 21:13 - 2018-10-21 14:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-16 21:13 - 2018-10-21 14:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-16 21:13 - 2018-10-21 14:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-16 21:13 - 2018-10-21 13:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-16 21:13 - 2018-10-21 13:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-16 21:13 - 2018-10-21 13:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-16 21:13 - 2018-10-21 13:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-16 21:13 - 2018-10-21 13:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-16 21:13 - 2018-10-21 13:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-16 21:13 - 2018-10-21 13:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-16 21:13 - 2018-10-21 13:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-16 21:13 - 2018-10-21 13:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-16 21:13 - 2018-10-21 13:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-16 21:13 - 2018-10-21 13:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-16 21:13 - 2018-10-21 13:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-16 21:13 - 2018-10-21 13:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-16 21:13 - 2018-10-21 12:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-16 21:13 - 2018-10-21 12:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-16 21:13 - 2018-10-21 12:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-16 21:13 - 2018-10-21 12:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-16 21:13 - 2018-10-21 12:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-16 21:13 - 2018-10-21 12:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-16 21:13 - 2018-10-21 12:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-16 21:13 - 2018-10-21 12:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-16 21:13 - 2018-10-21 12:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-16 21:13 - 2018-10-21 12:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-16 21:13 - 2018-10-21 10:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-16 21:13 - 2018-10-21 09:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-16 21:13 - 2018-10-21 08:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-16 21:13 - 2018-10-21 08:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-16 21:13 - 2018-10-21 08:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-16 21:13 - 2018-10-21 08:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-16 21:13 - 2018-10-21 08:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-16 21:13 - 2018-10-21 08:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-16 21:13 - 2018-10-21 08:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-16 21:13 - 2018-10-21 08:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-16 21:13 - 2018-10-21 08:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-16 21:13 - 2018-10-21 08:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-16 21:13 - 2018-10-21 08:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-16 21:13 - 2018-10-21 08:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-16 21:13 - 2018-10-21 08:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-16 21:13 - 2018-10-21 08:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-16 21:13 - 2018-10-21 08:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-16 21:13 - 2018-10-21 08:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-16 21:13 - 2018-10-21 08:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-16 21:13 - 2018-10-21 08:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-16 21:13 - 2018-10-21 08:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-16 21:13 - 2018-10-21 08:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-16 21:13 - 2018-10-21 08:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-16 21:13 - 2018-10-21 08:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-16 21:13 - 2018-10-21 08:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-16 21:13 - 2018-10-21 08:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-16 21:13 - 2018-10-21 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-16 21:13 - 2018-10-21 08:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-16 21:13 - 2018-10-21 08:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-16 21:13 - 2018-10-21 08:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-16 21:13 - 2018-10-21 08:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-16 21:13 - 2018-10-21 08:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-16 21:13 - 2018-10-21 08:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-16 21:13 - 2018-10-21 08:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-16 21:13 - 2018-10-21 08:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-16 21:13 - 2018-10-21 08:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-16 21:13 - 2018-10-21 08:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-16 21:13 - 2018-10-21 08:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-16 21:13 - 2018-10-21 08:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-16 21:13 - 2018-10-21 08:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-16 21:13 - 2018-10-21 08:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-16 21:13 - 2018-10-21 08:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-16 21:13 - 2018-10-21 08:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-16 21:13 - 2018-10-21 08:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-16 21:13 - 2018-10-21 08:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-16 21:13 - 2018-10-21 08:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-16 21:13 - 2018-10-21 07:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-16 21:13 - 2018-10-21 07:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-16 21:13 - 2018-10-21 07:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-16 21:13 - 2018-10-21 07:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-16 21:13 - 2018-10-21 07:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-16 21:13 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-16 21:13 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-16 21:13 - 2018-04-28 05:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

==================== Three months (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-26 18:34 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-26 17:39 - 2018-06-16 20:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-26 12:04 - 2018-06-16 21:18 - 000003406 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3960966812-2404325950-3596051818-1001
2019-01-26 12:04 - 2018-06-16 20:55 - 000002437 _____ C:\Users\Martina Kirchnerová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-26 12:04 - 2016-09-28 11:35 - 000000000 ___RD C:\Users\Martina Kirchnerová\OneDrive
2019-01-26 11:44 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-26 11:44 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-20 13:36 - 2018-08-19 20:24 - 000000000 ____D C:\Users\Martina Kirchnerová\Desktop\Maturitní otázky UCE
2019-01-19 15:41 - 2016-11-12 16:21 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-19 15:41 - 2016-09-28 11:10 - 000000000 __SHD C:\Users\Martina Kirchnerová\IntelGraphicsProfiles
2019-01-19 15:41 - 2015-09-22 19:06 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-19 15:40 - 2018-06-16 21:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-19 15:40 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-19 15:40 - 2015-07-16 04:34 - 000000000 ____D C:\Program Files\mcafee
2019-01-19 15:40 - 2015-07-16 04:34 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-01-19 15:40 - 2015-07-16 04:32 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-19 15:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-01-19 15:25 - 2018-01-01 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-01-19 15:24 - 2015-07-16 04:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-19 15:23 - 2018-01-01 16:32 - 000000000 ____D C:\Users\Martina Kirchnerová\AppData\Local\Packages
2019-01-19 15:15 - 2018-06-08 12:32 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-19 15:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-19 15:15 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-19 15:15 - 2016-09-28 11:11 - 000000000 ____D C:\Users\Martina Kirchnerová\AppData\Local\CrashDumps
2019-01-19 15:11 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-19 15:05 - 2015-07-16 04:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2019-01-19 15:05 - 2015-07-16 04:31 - 000000000 ____D C:\Program Files (x86)\Acer
2019-01-19 14:58 - 2018-06-16 20:55 - 000000000 ____D C:\Users\Martina Kirchnerová
2019-01-19 14:58 - 2016-11-12 16:20 - 000000000 ____D C:\Program Files\Intel
2019-01-19 14:57 - 2015-07-16 04:34 - 000000000 ____D C:\ProgramData\McAfee
2019-01-19 14:56 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-01-19 14:53 - 2015-07-10 10:05 - 000000000 ____D C:\Users\Default.migrated
2019-01-19 14:52 - 2015-07-16 04:32 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2019-01-19 14:51 - 2015-09-22 19:22 - 000000000 ____D C:\ProgramData\CyberLink
2019-01-19 14:51 - 2015-09-22 18:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-19 11:14 - 2016-11-15 18:38 - 000000000 ____D C:\Users\Martina Kirchnerová\Desktop\fotky
2019-01-18 19:39 - 2017-09-29 17:04 - 000000000 ____D C:\Program Files\rempl
2019-01-12 15:37 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-10 19:31 - 2018-06-16 21:09 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-10 19:31 - 2018-04-12 16:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-10 19:31 - 2018-04-12 16:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-10 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 17:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 18:53 - 2016-10-13 12:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 18:32 - 2016-09-28 16:37 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some files in TEMP:
====================
2019-01-19 14:53 - 2018-09-30 10:12 - 001031928 _____ (McAfee, Inc.) C:\Users\Martina Kirchnerová\AppData\Local\Temp\0180091547905993mcinst.exe
2019-01-19 15:05 - 2017-10-02 15:04 - 001683232 _____ (Acer Incorporated) C:\Users\Martina Kirchnerová\AppData\Local\Temp\AcerPortalSetup.exe
2019-01-19 14:48 - 2015-03-16 19:12 - 005912800 _____ (Foxit Corporation) C:\Users\Martina Kirchnerová\AppData\Local\Temp\FoxitUpdater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{00f953ff-60e1-11e5-9f2e-806e6f6e6963}
{00f95400-60e1-11e5-9f2e-806e6f6e6963}
{00f95401-60e1-11e5-9f2e-806e6f6e6963}
timeout 0

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {62e99783-71a6-11e8-894c-c0cca40adba1}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {00f953ff-60e1-11e5-9f2e-806e6f6e6963}
description EFI USB Device

Firmware Application (101fffff)
-------------------------------
identifier {00f95400-60e1-11e5-9f2e-806e6f6e6963}
description EFI DVD/CDROM

Firmware Application (101fffff)
-------------------------------
identifier {00f95401-60e1-11e5-9f2e-806e6f6e6963}
description EFI Network

Firmware Application (101fffff)
-------------------------------
identifier {cabaf6a0-6166-11e5-a19b-2c600ce11795}
description Network Boot-IPV4: 2C-60-0C-E1-17-95

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {62e99785-71a6-11e8-894c-c0cca40adba1}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {62e99783-71a6-11e8-894c-c0cca40adba1}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {62e99785-71a6-11e8-894c-c0cca40adba1}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{62e99786-71a6-11e8-894c-c0cca40adba1}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{62e99786-71a6-11e8-894c-c0cca40adba1}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {62e99783-71a6-11e8-894c-c0cca40adba1}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {62e99785-71a6-11e8-894c-c0cca40adba1}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostika pam�ti syst�mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {62e99786-71a6-11e8-894c-c0cca40adba1}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi


LastRegBack: 2018-06-16 20:47

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.01.2019
Ran by Martina Kirchnerová (26-01-2019 18:41:45)
Running from C:\Users\Martina Kirchnerová\Downloads
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-16 20:20:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3960966812-2404325950-3596051818-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3960966812-2404325950-3596051818-503 - Limited - Disabled)
Guest (S-1-5-21-3960966812-2404325950-3596051818-501 - Limited - Disabled)
Martina Kirchnerová (S-1-5-21-3960966812-2404325950-3596051818-1001 - Administrator - Enabled) => C:\Users\Martina Kirchnerová
WDAGUtilityAccount (S-1-5-21-3960966812-2404325950-3596051818-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-428eae2c-9e05-492a-985a-f36ddac22115) (Version: 3.0.2.118 - WildTangent) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Command and Conquer: Tiberium Alliances (HKLM-x32\...\WildTangentGDF-acer-commandandconqueralliances) (Version: 13.0.0.6 - WildTangent) Hidden
Dino Storm (HKLM-x32\...\WildTangentGDF-acer-dinostorm) (Version: 13.0.0.6 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Home Makeover (HKLM-x32\...\WTA-f2bf7eb9-e377-484f-8cde-dbb7152c6ea8) (Version: 3.0.2.59 - WildTangent) Hidden
Hospital Manager (HKLM-x32\...\WTA-14c4f7e7-d0e1-4085-a15a-0a6358564217) (Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-b9eca6f0-f350-409b-80b6-7cfb979d1682) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-d55a4c69-9aca-46c0-bd47-30a8aafd5860) (Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-4f8f4d42-f753-460a-acd0-d2dc96643b21) (Version: 2.2.0.97 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{01c01d76-3119-48b5-956c-de15eee0e75e}) (Version: - Nero AG)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-34fb3df7-7fa1-468d-b159-6c215f62b392) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros QCA9377 Wireless LAN & Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.043 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (HKLM-x32\...\WTA-50fce378-1db4-4ede-903b-d8bba2a72c0d) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-a45a3a05-8eaf-448a-b0c5-1c16a11f485c) (Version: 3.0.2.126 - WildTangent) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-f2df862f-623d-476b-a94b-10046a7862bf) (Version: 3.0.2.51 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
zavvyuka (HKLM-x32\...\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1) (Version: 1.0.04 - Novuco)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-25] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1528CC17-4535-4DB3-8C92-0991D2E5C9B7} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {3120A358-E5B6-494F-A97D-0C97A81E221D} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {4CBCD738-55A6-456F-8807-E68B34A87D0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)
Task: {50FBEAD2-FFAB-4C21-9861-24A990A48340} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)
Task: {555D6C99-E70C-493B-9E4C-6FEFEF0ED7D7} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-09] (Acer Incorporated)
Task: {7670611A-BBBA-4FA2-B19E-C0EC06045156} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {84D6404B-7999-4C13-AA40-BE3B1E06FCDA} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {94F2E5D0-0F05-4788-BF30-0F987995C055} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-10] ()
Task: {A07B3ECE-0B00-422C-9BD4-429DFE67375D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-29] (Google Inc.)
Task: {A8217C03-BD27-4576-B4FB-A93C032D989F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {B6C4E227-F112-41C8-A1CC-CF53D46FB6A0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BF25DBE9-3F46-4E77-81E8-B3133FE55EC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-29] (Google Inc.)
Task: {C4854F01-F18E-4DF1-A816-C87BCC23ACF4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {D6DF90FD-C4B4-402C-A7AE-C4BB3993FE0C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-19] (AVAST Software)
Task: {E0106444-E9F7-43DF-95F6-6670EC19553C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {EED4705A-F4DB-48F9-989C-5C57BA3192A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-12 16:22 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 14:39 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2015-07-16 04:41 - 2015-05-08 18:41 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-09-25 00:01 - 2017-09-25 00:01 - 000400984 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-01-09 18:20 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-10 11:38 - 2015-07-10 11:38 - 004580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2018-07-11 06:49 - 2018-07-11 06:50 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-18 19:42 - 2019-01-18 19:43 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-18 19:42 - 2019-01-18 19:43 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-18 19:42 - 2019-01-18 19:43 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-01-01 17:32 - 2018-01-01 17:34 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-16 20:23 - 2018-11-16 20:32 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-17 19:00 - 2018-08-17 19:02 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-17 19:00 - 2018-08-17 19:02 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-11-16 20:23 - 2018-11-16 20:32 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-03 15:05 - 2018-04-03 15:07 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-18 19:42 - 2019-01-18 19:43 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-16 20:23 - 2018-11-16 20:32 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-18 19:42 - 2019-01-18 19:43 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-29 08:54 - 2018-08-29 08:56 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 08:50 - 2018-07-27 08:51 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-18 19:42 - 2019-01-18 19:43 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\SKU.dll
2018-12-14 03:46 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 03:46 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-18 19:40 - 2019-01-18 19:40 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-18 19:40 - 2019-01-18 19:40 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 17:09 - 2017-12-02 17:09 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 22:16 - 2018-12-01 22:16 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-18 19:40 - 2019-01-18 19:40 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-26 11:39 - 2019-01-26 11:39 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-26 11:39 - 2019-01-26 11:39 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 17:09 - 2017-12-02 17:09 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 22:16 - 2018-12-01 22:16 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-26 11:39 - 2019-01-26 11:39 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-26 11:39 - 2019-01-26 11:39 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-10-23 18:34 - 2018-10-23 18:35 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-26 11:39 - 2019-01-26 11:40 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-26 11:39 - 2019-01-26 11:40 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-26 11:39 - 2019-01-26 11:40 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2015-09-22 19:06 - 2015-06-03 22:06 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-24 09:07 - 2015-06-24 09:07 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2018-06-16 20:57 - 2018-06-16 20:57 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\amazon.com -> amazon.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martina Kirchnerová\Desktop\fotky\IMG_0086.JPG
DNS Servers: 46.33.112.42 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: 0180091547905993mcinstcleanup => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: CCDMonitorService => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: ePowerSvc => 3
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
MSCONFIG\Services: QALSvc => 3
MSCONFIG\Services: QASvc => 3
MSCONFIG\Services: SecureLine => 2
MSCONFIG\Services: UEIPSvc => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{28E340DD-A6E4-4059-B026-AA11ABFA7618}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{FB184F7B-EB71-4363-A6A9-02A452557FD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{9D92AA1A-8E1F-4B06-B5F5-D21E99AEE3B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{13034B3A-0614-4AF0-B11A-758923F9EF66}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{EFB37BBD-3F4F-4475-A536-AFE9B8089602}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{5095CF83-7F09-4525-8B27-EBF8AEC1AA60}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{DB256D6D-0647-41C4-84A1-6EF7DB1CA1A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

09-01-2019 18:17:59 Windows Update
16-01-2019 19:24:35 Naplánovaný kontrolní bod
19-01-2019 14:43:31 Removed Bonjour

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2019 03:41:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Can't create NSS process. [0]).

Error: (01/19/2019 03:41:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to create process. [2]).


System errors:
=============
Error: (01/26/2019 11:35:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 05:35:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace definic pro Windows Defender Antivirus - KB2267602 (definice 1.283.3502.0).

Error: (01/20/2019 11:08:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/20/2019 11:07:30 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-P3CDBNRB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-P3CDBNRB\Martina Kirchnerová (SID: S-1-5-21-3960966812-2404325950-3596051818-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/19/2019 05:06:18 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-P3CDBNRB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-P3CDBNRB\Martina Kirchnerová (SID: S-1-5-21-3960966812-2404325950-3596051818-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/19/2019 04:17:20 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-P3CDBNRB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-P3CDBNRB\Martina Kirchnerová (SID: S-1-5-21-3960966812-2404325950-3596051818-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/19/2019 03:47:55 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-P3CDBNRB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-P3CDBNRB\Martina Kirchnerová (SID: S-1-5-21-3960966812-2404325950-3596051818-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/19/2019 03:38:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-01-19 14:37:28.163
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {367AF04D-D2C6-46B1-B68B-B2A8C3A2EABF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-12 15:49:30.097
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A5F43FEB-A98B-4377-9EE9-BF290C450380}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-10 17:43:33.808
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {07788B49-09AB-4D9D-82DD-E68C4E80C87A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-07 18:05:52.145
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {53D98088-1D5E-4DD5-AB99-4762E62B98F4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-07 17:30:34.219
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B9C2B44F-9A1A-4303-B6EA-58BFA2E617E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-26 11:45:40.370
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.3502.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-01-22 17:34:21.648
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.3302.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-01-16 19:18:50.754
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2945.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-01-16 19:18:50.753
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2945.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-01-16 19:18:50.753
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2945.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 3556U @ 1.70GHz
Percentage of memory in use: 59%
Total physical RAM: 4016.45 MB
Available physical RAM: 1642.67 MB
Total Virtual: 6320.45 MB
Available Virtual: 3056.21 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:878.71 GB) NTFS

\\?\Volume{5c538c19-35ae-46c4-acab-0bb71d7a4096}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{0f79bc4b-5398-4493-bd63-8a88c03fbaea}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 19D76522)

Partition: GPT.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu zasekaný notebook

#6 Příspěvek od Conder »

:arrow: Z logu chyba zaciatok. Vytvor ho este raz a tie nastavenia nechaj zasrktnute tak ako su.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Prosím o kontrolu zasekaný notebook

#7 Příspěvek od Mortiz696 »

Přikládám požadované testy do zip souboru kvůli velikosti.
Přílohy
test.zip
(17.86 KiB) Staženo 50 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu zasekaný notebook

#8 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    File: C:\WINDOWS\System32\drivers\Qcamainx64.sys
    
    HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
    HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
    HKU\S-1-5-21-3960966812-2404325950-3596051818-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
    SearchScopes: HKU\S-1-5-21-3960966812-2404325950-3596051818-1001 -> DefaultScope {DE3EC480-4ED2-404C-B454-28527BE2CA56} URL = 
    SearchScopes: HKU\S-1-5-21-3960966812-2404325950-3596051818-1001 -> {DE3EC480-4ED2-404C-B454-28527BE2CA56} URL = 
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
    FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\saffplg.xpi [not found]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
    CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ662G0&p={searchTerms}
    CHR DefaultSearchKeyword: Default -> mcafee
    S4 0180091547905993mcinstcleanup; C:\Users\MARTIN~1\AppData\Local\Temp\018009~1.EXE -cleanup -nolog [X] <==== ATTENTION
    2019-03-09 20:34 - 2019-01-19 15:56 - 000000000 ____D C:\Program Files\trend micro
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {B6C4E227-F112-41C8-A1CC-CF53D46FB6A0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    MSCONFIG\Services: 0180091547905993mcinstcleanup => 2
    HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět