Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Nestandardní chování notebooku

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Nestandardní chování notebooku

#1 Příspěvek od Trasheek »

Zdravím, mám problém s Acerem, systém mu "zamrzá" hlavně při spuštění aplikace Spotify nebo asi když běží více procesů a teď se k tomu přidala novinka – v pracovním "adminu" mám okna s textem, který v náhledu vidím, když se ale do okna chci proklikem dostat, to okno ani text tam najednou není. Prosím tedy o kontrolu logu:

Logfile of random's system information tool 1.10 (written by random/random)
Run by lpopo at 2019-04-16 19:13:01
Microsoft Windows 10 Home
System drive C: has 16 GB (3%) free of 476 GB
Total RAM: 3919 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:13:35, on 16.04.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\trend micro\lpopo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O4 - HKLM\..\Run: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.amazon.com
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Protected Service (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem25.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Scout Update Service (scupdate) (scupdate) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
O23 - Service: Scout Update Service (scupdatem) (scupdatem) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12588 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi

dashost.exe {81525032-9d1d-4b1a-a7c8e31cee1c2a99}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s MSiSCSI
C:\WINDOWS\system32\WLANExt.exe 2651387806464
\??\C:\WINDOWS\system32\conhost.exe 0x4
dashost.exe {60f4e749-fded-4f4a-83caa026e8a60486}
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe"

C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe"
C:\WINDOWS\system32\ibtsiva
"C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe"
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\QALSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s workfolderssvc
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000e9c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe" /c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\Explorer.EXE
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\system32\igfxEM.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\WINDOWS\system32\igfxHK.exe"
"C:\WINDOWS\system32\igfxTray.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\Acer\Acer Quick Access\QAAgent.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\OEM\Preload\FubTracking\FubTracking.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe"
"C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"

-BootProc
-BootProc
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\lpopo\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\lpopo\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=73.0.3683.103 --initial-client-data=0x1fc,0x200,0x204,0x1f8,0x208,0x7ffbf50e6830,0x7ffbf50e6840,0x7ffbf50e6850
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9736 --on-initialized-event-handle=684 --parent-handle=688 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=13080721579841190070 --mojo-platform-channel-handle=1748 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=14891034099652665392 --mojo-platform-channel-handle=2164 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=2131621950035281433 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2131621950035281433 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=12610423872910856434 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12610423872910856434 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=10873829670429477951 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10873829670429477951 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=8872699680546111049 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8872699680546111049 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=10333608190836690461 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10333608190836690461 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=8591311033042008771 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8591311033042008771 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4340 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=5415139645792694354 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5415139645792694354 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=4559905100637895183 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4559905100637895183 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=3862191978213229002 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3862191978213229002 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=11338750716614718638 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11338750716614718638 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=16758416182172727790 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16758416182172727790 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=4789260996164657748 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4789260996164657748 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7800 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=3340275093637031749 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3340275093637031749 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=981707759212620692 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=981707759212620692 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=4109703916378884236 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4109703916378884236 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1

C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=8954668174725439253 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8954668174725439253 --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=16721280195125943874 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16721280195125943874 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9224 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=13338842268892781910 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13338842268892781910 --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=1808525287420229672 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1808525287420229672 --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9456 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=14859156358366970166 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14859156358366970166 --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9964 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=2686549791817951693 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2686549791817951693 --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10036 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=12203161635378705434 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12203161635378705434 --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=4796204848155923227 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4796204848155923227 --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9968 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=8474147462776901947 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8474147462776901947 --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10760 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=11246465741416945661 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11246465741416945661 --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10648 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=4588341973132746450 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4588341973132746450 --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11000 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=16582348528502749671 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16582348528502749671 --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=8626450658612308299 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8626450658612308299 --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=1627233216663283539 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1627233216663283539 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11304 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=15260704516649096934 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15260704516649096934 --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11492 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=10073662829104021467 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10073662829104021467 --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8596 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=934325380826783598 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=934325380826783598 --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8568 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19031.57.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=9543275147649488361 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9543275147649488361 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1620 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=16431508475776513591 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16431508475776513591 --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1728,12479262428617726319,7486670851892855403,131072 --service-pipe-token=12698107213918603604 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12698107213918603604 --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc


"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\AUDIODG.EXE 0x450
"C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe\PeopleApp.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXp4q8q2jfk5x248b0h39ew5k7wz3xvc5b.mca
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wisvc
"C:\Users\lpopo\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding

=========Mozilla firefox=========

ProfilePath - C:\Users\lpopo\AppData\Roaming\Mozilla\Firefox\Profiles\x40un1uv.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@scout.avira-update.com/Avira Scout Update;version=3]
"Description"=Avira Scout Update
"Path"=C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@scout.avira-update.com/Avira Scout Update;version=9]
"Description"=Avira Scout Update
"Path"=C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL


C:\Users\lpopo\AppData\Roaming\Mozilla\Firefox\Profiles\x40un1uv.default\extensions\
abs@avira.com
passwordmanager@avira.com
safesearchplus2@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-13 13876952]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2016-07-30 163800]
"rfagent"=C:\Program Files\RFA 9\rfagent64.exe [2014-01-28 3429536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2016-08-15 91488]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-26 330240]
"Avira System Speedup User Starter"=C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2018-03-22 64096]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2019-03-20 98024]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-04-16 19:13:02 ----D---- C:\Program Files\trend micro
2019-04-16 19:13:01 ----D---- C:\rsit
2019-04-11 14:51:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-04-11 14:51:46 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-04-11 14:51:44 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2019-04-11 14:51:42 ----A---- C:\WINDOWS\system32\mfps.dll
2019-04-11 14:51:38 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-04-11 14:51:36 ----A---- C:\WINDOWS\system32\mfsvr.dll
2019-04-11 14:51:35 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-04-11 14:51:31 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2019-04-11 14:51:31 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2019-04-11 14:51:30 ----A---- C:\WINDOWS\system32\fvewiz.dll
2019-04-11 14:51:30 ----A---- C:\WINDOWS\system32\fveui.dll
2019-04-11 14:51:30 ----A---- C:\WINDOWS\system32\fveapibase.dll
2019-04-11 14:51:30 ----A---- C:\WINDOWS\system32\fveapi.dll
2019-04-11 14:51:30 ----A---- C:\WINDOWS\system32\bdesvc.dll
2019-04-11 14:51:29 ----A---- C:\WINDOWS\system32\fvecpl.dll
2019-04-11 14:51:13 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2019-04-11 14:51:13 ----A---- C:\WINDOWS\SYSWOW64\perfts.dll
2019-04-11 14:51:12 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2019-04-11 14:51:11 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2019-04-11 14:51:10 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-04-11 14:51:10 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-04-11 14:51:08 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-04-11 14:51:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-04-11 14:51:06 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2019-04-11 14:51:06 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-04-11 14:51:03 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-04-11 14:51:03 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-04-11 14:51:02 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-04-11 14:51:01 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2019-04-11 14:51:01 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-04-11 14:51:01 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2019-04-11 14:51:00 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2019-04-11 14:51:00 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-04-11 14:51:00 ----A---- C:\WINDOWS\SYSWOW64\dataclen.dll
2019-04-11 14:50:59 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2019-04-11 14:50:59 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-04-11 14:50:58 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2019-04-11 14:50:57 ----A---- C:\WINDOWS\system32\sysmain.dll
2019-04-11 14:50:56 ----A---- C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-11 14:50:56 ----A---- C:\WINDOWS\system32\RDSPnf.exe
2019-04-11 14:50:56 ----A---- C:\WINDOWS\system32\EduPrintProv.exe
2019-04-11 14:50:55 ----A---- C:\WINDOWS\system32\perfts.dll
2019-04-11 14:50:55 ----A---- C:\WINDOWS\system32\mstsc.exe
2019-04-11 14:50:54 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-04-11 14:50:53 ----A---- C:\WINDOWS\system32\termsrv.dll
2019-04-11 14:50:53 ----A---- C:\WINDOWS\system32\FrameServer.dll
2019-04-11 14:50:52 ----A---- C:\WINDOWS\system32\FSClient.dll
2019-04-11 14:50:26 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-04-11 14:50:23 ----A---- C:\WINDOWS\system32\nshwfp.dll
2019-04-11 14:50:23 ----A---- C:\WINDOWS\system32\msi.dll
2019-04-11 14:50:22 ----A---- C:\WINDOWS\system32\msiexec.exe
2019-04-11 14:50:21 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-04-11 14:50:21 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-04-11 14:50:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-04-11 14:50:17 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-04-11 14:50:16 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-04-11 14:50:12 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-11 14:50:12 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-04-11 14:50:11 ----A---- C:\WINDOWS\system32\jscript.dll
2019-04-11 14:50:10 ----A---- C:\WINDOWS\system32\nshhttp.dll
2019-04-11 14:50:08 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-04-11 14:50:08 ----A---- C:\WINDOWS\system32\objsel.dll
2019-04-11 14:50:08 ----A---- C:\WINDOWS\system32\dataclen.dll
2019-04-11 14:50:07 ----A---- C:\WINDOWS\system32\mispace.dll
2019-04-11 14:50:06 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-04-11 14:50:05 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2019-04-11 14:50:05 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2019-04-11 14:50:05 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-11 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-11 14:50:04 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2019-04-11 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2019-04-11 14:50:02 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2019-04-11 14:50:01 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2019-04-11 14:50:01 ----A---- C:\WINDOWS\SYSWOW64\cscapi.dll
2019-04-11 14:50:00 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2019-04-11 14:50:00 ----A---- C:\WINDOWS\SYSWOW64\cscdll.dll
2019-04-11 14:49:59 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2019-04-11 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-04-11 14:49:58 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-04-11 14:49:54 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-04-11 14:49:53 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-04-11 14:49:53 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2019-04-11 14:49:52 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2019-04-11 14:49:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-04-11 14:49:50 ----A---- C:\WINDOWS\SYSWOW64\perfproc.dll
2019-04-11 14:49:50 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-04-11 14:49:49 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-04-11 14:49:48 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-04-11 14:49:48 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2019-04-11 14:49:47 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2019-04-11 14:49:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-04-11 14:49:45 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2019-04-11 14:49:44 ----A---- C:\WINDOWS\SYSWOW64\ntlanman.dll
2019-04-11 14:49:44 ----A---- C:\WINDOWS\SYSWOW64\credui.dll
2019-04-11 14:49:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-11 14:49:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-11 14:49:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-11 14:49:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-11 14:49:34 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2019-04-11 14:49:33 ----A---- C:\WINDOWS\SYSWOW64\RpcPing.exe
2019-04-11 14:49:27 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2019-04-11 14:49:25 ----A---- C:\WINDOWS\SYSWOW64\drvsetup.dll
2019-04-11 14:49:24 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2019-04-11 14:49:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2019-04-11 14:49:20 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2019-04-11 14:49:19 ----RA---- C:\WINDOWS\SYSWOW64\icuuc.dll
2019-04-11 14:49:19 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-04-11 14:49:18 ----RA---- C:\WINDOWS\SYSWOW64\icuin.dll
2019-04-11 14:49:15 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2019-04-11 14:49:12 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2019-04-11 14:49:10 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2019-04-11 14:49:06 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2019-04-11 14:49:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2019-04-11 14:49:02 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2019-04-11 14:49:01 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2019-04-11 14:49:00 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2019-04-11 14:48:59 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2019-04-11 14:48:58 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2019-04-11 14:48:55 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2019-04-11 14:48:54 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2019-04-11 14:48:52 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-04-11 14:48:51 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2019-04-11 14:48:50 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2019-04-11 14:48:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2019-04-11 14:48:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2019-04-11 14:48:48 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2019-04-11 14:48:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-04-11 14:48:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2019-04-11 14:48:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.AI.MachineLearning.dll
2019-04-11 14:48:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll
2019-04-11 14:48:37 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2019-04-11 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2019-04-11 14:48:35 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2019-04-11 14:48:34 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2019-04-11 14:48:33 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll
2019-04-11 14:48:32 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2019-04-11 14:48:32 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-04-11 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2019-04-11 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2019-04-11 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-04-11 14:48:28 ----A---- C:\WINDOWS\SYSWOW64\oleprn.dll
2019-04-11 14:48:28 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-11 14:48:28 ----A---- C:\WINDOWS\system32\configmanager2.dll
2019-04-11 14:48:28 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-11 14:48:27 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-11 14:48:27 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-04-11 14:48:26 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-11 14:48:26 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2019-04-11 14:48:26 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2019-04-11 14:48:26 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-11 14:48:25 ----A---- C:\WINDOWS\system32\hlink.dll
2019-04-11 14:48:25 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-04-11 14:48:25 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-04-11 14:48:24 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-11 14:48:24 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-04-11 14:48:23 ----A---- C:\WINDOWS\system32\wincredui.dll
2019-04-11 14:48:23 ----A---- C:\WINDOWS\system32\perfproc.dll
2019-04-11 14:48:23 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-04-11 14:48:23 ----A---- C:\WINDOWS\system32\credui.dll
2019-04-11 14:47:33 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-04-11 14:47:32 ----A---- C:\WINDOWS\system32\ntlanman.dll
2019-04-11 14:47:32 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-11 14:47:32 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-04-11 14:47:31 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-04-11 14:47:31 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-04-11 14:47:30 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2019-04-11 14:47:30 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2019-04-11 14:47:29 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-04-11 14:47:28 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-04-11 14:47:27 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-04-11 14:47:27 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-04-11 14:47:26 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-04-11 14:47:26 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-11 14:47:26 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2019-04-11 14:47:25 ----A---- C:\WINDOWS\system32\uDWM.dll
2019-04-11 14:47:25 ----A---- C:\WINDOWS\system32\sxssrv.dll
2019-04-11 14:47:25 ----A---- C:\WINDOWS\system32\sppcommdlg.dll
2019-04-11 14:47:25 ----A---- C:\WINDOWS\system32\phoneactivate.exe
2019-04-11 14:47:24 ----A---- C:\WINDOWS\system32\twinui.dll
2019-04-11 14:47:23 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2019-04-11 14:47:23 ----A---- C:\WINDOWS\system32\RADCUI.dll
2019-04-11 14:47:22 ----A---- C:\WINDOWS\system32\slui.exe
2019-04-11 14:47:22 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-04-11 14:47:22 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-11 14:47:21 ----A---- C:\WINDOWS\system32\RpcPing.exe
2019-04-11 14:47:21 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-04-11 14:47:21 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-04-11 14:47:21 ----A---- C:\WINDOWS\system32\devinv.dll
2019-04-11 14:47:20 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-11 14:47:20 ----A---- C:\WINDOWS\system32\invagent.dll
2019-04-11 14:47:20 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-04-11 14:47:19 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-04-11 14:47:19 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-04-11 14:47:18 ----A---- C:\WINDOWS\system32\winresume.exe
2019-04-11 14:47:18 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-11 14:47:18 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-04-11 14:47:17 ----A---- C:\WINDOWS\system32\winload.exe
2019-04-11 14:47:17 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-04-11 14:47:16 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-04-11 14:47:15 ----A---- C:\WINDOWS\system32\ole32.dll
2019-04-11 14:47:15 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-04-11 14:47:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-11 14:47:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-11 14:47:13 ----A---- C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-11 14:47:13 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-11 14:47:13 ----A---- C:\WINDOWS\system32\ntshrui.dll
2019-04-11 14:47:12 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-11 14:47:12 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-11 14:47:12 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-11 14:47:12 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-11 14:47:11 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-04-11 14:47:10 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-04-11 14:47:10 ----A---- C:\WINDOWS\system32\sppcext.dll
2019-04-11 14:47:09 ----A---- C:\WINDOWS\system32\sppwinob.dll
2019-04-11 14:47:09 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-11 14:47:08 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-04-11 14:47:08 ----A---- C:\WINDOWS\system32\cscapi.dll
2019-04-11 14:47:07 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-04-11 14:47:07 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-04-11 14:47:07 ----A---- C:\WINDOWS\system32\cscdll.dll
2019-04-11 14:47:06 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-11 14:47:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-04-11 14:47:06 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-11 14:47:05 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2019-04-11 14:47:05 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2019-04-11 14:47:04 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2019-04-11 14:47:04 ----A---- C:\WINDOWS\system32\drvinst.exe
2019-04-11 14:47:04 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2019-04-11 14:47:03 ----A---- C:\WINDOWS\system32\setupapi.dll
2019-04-11 14:47:00 ----A---- C:\WINDOWS\system32\msxml3.dll
2019-04-11 14:46:59 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2019-04-11 14:46:59 ----A---- C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-11 14:46:59 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2019-04-11 14:46:58 ----A---- C:\WINDOWS\system32\drivers\WppRecorder.sys
2019-04-11 14:46:58 ----A---- C:\WINDOWS\system32\consent.exe
2019-04-11 14:46:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-04-11 14:46:56 ----A---- C:\WINDOWS\system32\hal.dll
2019-04-11 14:46:56 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-11 14:46:56 ----A---- C:\WINDOWS\system32\daxexec.dll
2019-04-11 14:46:55 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-04-11 14:46:55 ----A---- C:\WINDOWS\system32\win32k.sys
2019-04-11 14:46:55 ----A---- C:\WINDOWS\system32\rdpcore.dll
2019-04-11 14:46:54 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2019-04-11 14:46:54 ----A---- C:\WINDOWS\system32\rdpbase.dll
2019-04-11 14:46:54 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-11 14:46:53 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-11 14:46:53 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2019-04-11 14:46:53 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2019-04-11 14:46:23 ----A---- C:\WINDOWS\system32\wpnapps.dll
2019-04-11 14:46:23 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-11 14:46:23 ----A---- C:\WINDOWS\system32\InstallService.dll
2019-04-11 14:46:23 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2019-04-11 14:46:23 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2019-04-11 14:46:22 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-04-11 14:46:22 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-11 14:46:22 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2019-04-11 14:46:22 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2019-04-11 14:46:21 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-11 14:46:21 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-04-11 14:46:21 ----A---- C:\WINDOWS\system32\BFE.DLL
2019-04-11 14:46:19 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2019-04-11 14:46:19 ----A---- C:\WINDOWS\system32\mssprxy.dll
2019-04-11 14:46:18 ----A---- C:\WINDOWS\system32\tquery.dll
2019-04-11 14:46:18 ----A---- C:\WINDOWS\system32\mssrch.dll
2019-04-11 14:46:17 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-04-11 14:46:16 ----A---- C:\WINDOWS\system32\thumbcache.dll
2019-04-11 14:46:16 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-04-11 14:46:16 ----A---- C:\WINDOWS\system32\D3D12.dll
2019-04-11 14:46:15 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-11 14:46:15 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-11 14:46:15 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-11 14:46:14 ----A---- C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-11 14:46:13 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-11 14:46:13 ----A---- C:\WINDOWS\system32\ShareHost.dll
2019-04-11 14:46:12 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-11 14:46:12 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-11 14:46:12 ----A---- C:\WINDOWS\system32\negoexts.dll
2019-04-11 14:46:11 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-11 14:46:11 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-11 14:46:11 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2019-04-11 14:46:09 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-11 14:46:09 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-11 14:46:08 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-11 14:46:07 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-11 14:46:07 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-11 14:46:06 ----A---- C:\WINDOWS\system32\WWAHost.exe
2019-04-11 14:46:06 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-11 14:46:04 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-11 14:46:04 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-04-11 14:46:03 ----A---- C:\WINDOWS\system32\oleprn.dll
2019-04-11 14:46:03 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2019-04-11 14:46:03 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2019-04-11 14:46:02 ----A---- C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-11 14:46:01 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-11 14:46:01 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2019-04-11 14:45:58 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2019-04-11 14:45:58 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-11 14:45:57 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-11 14:45:54 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-04-11 14:45:53 ----A---- C:\WINDOWS\system32\wuuhext.dll
2019-04-11 14:45:53 ----A---- C:\WINDOWS\system32\wups2.dll
2019-04-11 14:45:53 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2019-04-11 14:45:52 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-11 14:45:52 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-04-11 14:45:51 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2019-04-11 14:45:51 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-04-11 14:45:50 ----A---- C:\WINDOWS\system32\SgrmBroker.exe
2019-04-11 14:45:50 ----A---- C:\WINDOWS\system32\drvsetup.dll
2019-04-11 14:45:50 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2019-04-11 14:45:49 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2019-04-11 14:45:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-04-11 14:45:49 ----A---- C:\WINDOWS\system32\drvstore.dll
2019-04-11 14:45:46 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-11 14:45:46 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-04-11 14:45:45 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-04-11 14:45:44 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2019-04-11 14:45:44 ----A---- C:\WINDOWS\SYSWOW64\mpr.dll
2019-04-11 14:45:44 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2019-04-11 14:45:44 ----A---- C:\WINDOWS\system32\wevtapi.dll
2019-04-11 14:45:43 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2019-04-11 14:45:43 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-04-11 14:45:43 ----A---- C:\WINDOWS\system32\mpr.dll
2019-04-11 14:45:43 ----A---- C:\WINDOWS\system32\dosvc.dll
2019-04-11 14:45:43 ----A---- C:\WINDOWS\system32\domgmt.dll
2019-04-11 14:45:42 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-04-11 14:45:42 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-04-11 14:45:41 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2019-04-11 14:45:41 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-04-11 14:45:23 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2019-04-11 14:45:23 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2019-04-11 14:45:22 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-04-11 14:45:22 ----A---- C:\WINDOWS\system32\profsvc.dll
2019-04-11 14:45:21 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-04-11 14:45:21 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-04-11 14:45:21 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-04-11 14:45:21 ----A---- C:\WINDOWS\system32\aepic.dll
2019-04-11 14:45:20 ----A---- C:\WINDOWS\system32\KdsCli.dll
2019-04-11 14:45:20 ----A---- C:\WINDOWS\system32\combase.dll
2019-04-11 14:45:19 ----A---- C:\WINDOWS\system32\tzres.dll
2019-04-11 14:45:19 ----A---- C:\WINDOWS\system32\schannel.dll
2019-04-11 14:45:19 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-04-11 14:45:19 ----A---- C:\WINDOWS\system32\ci.dll
2019-04-11 14:45:18 ----A---- C:\WINDOWS\system32\winquic.dll
2019-04-11 14:45:18 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-04-11 14:45:18 ----A---- C:\WINDOWS\system32\drivers\winquic.sys
2019-04-11 14:45:17 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2019-04-11 14:45:17 ----A---- C:\WINDOWS\system32\dnsapi.dll
2019-04-11 14:45:17 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2019-04-11 14:45:17 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-04-11 14:45:16 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-04-11 14:45:16 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2019-04-11 14:45:15 ----A---- C:\WINDOWS\system32\wcimage.dll
2019-04-11 14:45:15 ----A---- C:\WINDOWS\system32\wc_storage.dll
2019-04-11 14:45:14 ----A---- C:\WINDOWS\system32\conhost.exe
2019-04-11 14:45:13 ----RA---- C:\WINDOWS\system32\icuin.dll
2019-04-11 14:45:12 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-04-11 14:45:12 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2019-04-11 14:45:11 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-11 14:45:11 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-11 14:45:10 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2019-04-11 14:45:10 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2019-04-11 14:45:09 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2019-04-11 14:45:09 ----A---- C:\WINDOWS\SYSWOW64\negoexts.dll
2019-04-11 14:45:09 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2019-04-11 14:45:08 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-04-11 14:45:08 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-04-11 14:45:07 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-04-11 14:45:07 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2019-04-11 14:45:06 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-04-11 14:45:06 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2019-04-11 14:45:06 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2019-04-11 14:45:05 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2019-04-11 14:44:57 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-04-11 14:44:57 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-04-11 14:44:56 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-04-11 14:44:55 ----A---- C:\WINDOWS\system32\computestorage.dll
2019-04-11 14:44:13 ----A---- C:\WINDOWS\SYSWOW64\objsel.dll
2019-04-11 14:44:13 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2019-04-11 14:44:12 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-04-11 14:44:12 ----A---- C:\WINDOWS\system32\rdpnano.dll
2019-04-11 14:44:12 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-04-11 14:44:10 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2019-04-11 14:44:10 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2019-04-11 14:44:09 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2019-04-11 14:44:06 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-04-11 14:44:06 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2019-04-11 14:44:05 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys

======List of files/folders modified in the last 1 month======

2019-04-16 19:13:14 ----D---- C:\WINDOWS\Prefetch
2019-04-16 19:13:07 ----D---- C:\WINDOWS\Temp
2019-04-16 19:13:02 ----RD---- C:\Program Files
2019-04-16 19:10:45 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-04-16 19:02:39 ----D---- C:\WINDOWS\Logs
2019-04-16 19:00:52 ----D---- C:\WINDOWS\system32\Recovery
2019-04-16 18:47:06 ----HD---- C:\Program Files\WindowsApps
2019-04-16 18:46:45 ----D---- C:\WINDOWS\AppReadiness
2019-04-16 18:32:20 ----D---- C:\WINDOWS\System32
2019-04-16 18:32:20 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-16 18:29:33 ----D---- C:\WINDOWS\system32\SleepStudy
2019-04-16 18:10:53 ----D---- C:\WINDOWS\INF
2019-04-16 18:06:57 ----D---- C:\WINDOWS\system32\drivers\wd
2019-04-16 17:52:25 ----D---- C:\Users\lpopo\AppData\Roaming\Spotify
2019-04-16 17:46:57 ----D---- C:\WINDOWS\system32\sru
2019-04-16 17:40:48 ----D---- C:\ProgramData\RFA_Backups
2019-04-16 17:10:53 ----SHD---- C:\System Volume Information
2019-04-16 10:24:46 ----D---- C:\WINDOWS\SysWOW64
2019-04-16 04:47:31 ----D---- C:\Users\lpopo\AppData\Roaming\vlc
2019-04-15 21:12:55 ----D---- C:\Users\lpopo\AppData\Roaming\uTorrent
2019-04-15 20:03:01 ----RD---- C:\WINDOWS\Microsoft.NET
2019-04-15 03:03:03 ----D---- C:\KMPlayer
2019-04-14 15:08:11 ----D---- C:\WINDOWS\system32\config
2019-04-13 04:54:05 ----D---- C:\WINDOWS\system32\catroot2
2019-04-12 18:48:50 ----SHD---- C:\WINDOWS\Installer
2019-04-12 18:48:49 ----SHD---- C:\Config.Msi
2019-04-12 14:34:09 ----D---- C:\Users\lpopo\AppData\Roaming\WhatsApp
2019-04-12 10:19:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-12 04:17:08 ----D---- C:\WINDOWS\system32\DriverStore
2019-04-12 04:17:04 ----D---- C:\WINDOWS\WinSxS
2019-04-11 15:14:10 ----D---- C:\WINDOWS\system32\drivers
2019-04-11 15:10:19 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-04-11 15:10:19 ----D---- C:\WINDOWS\SYSWOW64\Dism
2019-04-11 15:10:19 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-04-11 15:10:09 ----D---- C:\WINDOWS\system32\wbem
2019-04-11 15:10:06 ----D---- C:\WINDOWS\system32\oobe
2019-04-11 15:10:06 ----D---- C:\WINDOWS\system32\en-US
2019-04-11 15:10:05 ----SD---- C:\WINDOWS\system32\DiagSvcs
2019-04-11 15:10:05 ----D---- C:\WINDOWS\system32\Dism
2019-04-11 15:10:05 ----D---- C:\WINDOWS\system32\cs-CZ
2019-04-11 15:10:05 ----D---- C:\WINDOWS\system32\Boot
2019-04-11 15:09:53 ----D---- C:\WINDOWS\bcastdvr
2019-04-11 15:09:53 ----D---- C:\WINDOWS\apppatch
2019-04-11 15:09:41 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-04-11 14:59:19 ----D---- C:\WINDOWS\CbsTemp
2019-04-10 22:49:13 ----D---- C:\ProgramData\ProductData
2019-04-10 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-04-10 11:11:28 ----D---- C:\WINDOWS\system32\MRT
2019-04-10 10:57:34 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-04-09 18:13:10 ----D---- C:\WINDOWS\system32\Macromed
2019-04-09 18:12:45 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-04-09 18:12:41 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2019-04-01 20:02:36 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-04-01 00:52:54 ----D---- C:\WINDOWS\system32\Tasks
2019-03-29 11:53:47 ----D---- C:\ProgramData\Package Cache
2019-03-28 11:26:02 ----RD---- C:\Program Files (x86)
2019-03-27 20:43:07 ----D---- C:\WINDOWS\system32\NDF
2019-03-20 16:05:33 ----D---- C:\WINDOWS\LiveKernelReports

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\WINDOWS\system32\DRIVERS\avdevprot.sys [2019-02-28 75432]
R0 avusbflt;avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [2019-02-28 45472]
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\WINDOWS\System32\drivers\cm_km.sys [2015-07-06 389816]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-01-12 55608]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-09-15 87552]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-09-15 40960]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2019-04-12 194136]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2019-02-28 46704]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\System32\drivers\klhk.sys [2016-05-05 237488]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2019-04-12 192152]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2019-02-28 89736]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-13 452096]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-01-12 51712]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-01-12 111104]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-09-15 90624]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-09-15 133120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-09-15 92672]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-09-15 63288]
R3 dtlitescsibus;@oem21.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-04-23 30264]
R3 dtliteusbbus;@oem27.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-04-23 47672]
R3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-09-15 36352]
R3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-09-15 91136]
R3 ibtusb;@oem25.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-12-12 230656]
R3 igfxLP;igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [2018-04-11 7408584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-05-05 4467928]
R3 IntcDAud;@oem38.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
R3 LMDriver;@oem16.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2018-05-15 31000]
R3 NETwNb64;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-06-22 3776792]
R3 phantomtap;@oem24.inf,%DeviceDescription%;Phantom TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\phantomtap.sys [2018-11-27 45056]
R3 PTPFilter;@oem0.inf,%PTPFilter.SVCDESC%;Samsung PTP Component Service; C:\WINDOWS\System32\drivers\PTPFilter.sys [2016-08-29 51032]
R3 RadioShim;@oem16.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2018-05-15 25368]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-09-15 202240]
R3 rt640x64;@oem32.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-06-18 895256]
R3 RTSUER;@oem6.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-19 411712]
S0 avelam;avelam; C:\WINDOWS\system32\drivers\avelam.sys [2019-02-28 22336]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-09-15 135168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2014-09-05 44640]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-03-13 104248]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-03-13 1221120]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-09-15 125952]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys [2017-07-11 55232]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-09-15 80184]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-03-13 290816]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-09-15 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-04-11 981816]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-09-15 33080]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-09-15 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntivirProtectedService;Avira Protected Service; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [2019-04-12 311152]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2019-04-12 244656]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2019-04-12 244656]
R2 AviraOptimizerHost;Avira Optimizer Host; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2018-02-15 2938504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_6c2c8;Uživatelská služba platformy připojených zařízení_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-06-12 640928]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-04-14 373312]
R2 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
R2 ibtsiva;@oem25.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2018-04-11 373704]
R2 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-05-22 881152]
R2 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-26 330240]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-07-29 3046688]
R2 OneSyncSvc_6c2c8;Hostitel synchronizace_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
R2 QALSvc;Quick Access Local Service; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [2015-07-09 398176]
R2 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2015-07-09 450400]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-06-12 157088]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2019-04-11 255128]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_6c2c8;Uživatelská služba schránky_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-01-12 43632]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 PimIndexMaintenanceSvc_6c2c8;Data kontaktů_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-02-12 864056]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2019-04-16 908160]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2019-04-16 1182464]
S2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2019-03-20 466280]
S2 AviraPhantomVPN;Avira Phantom VPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2019-01-29 359400]
S2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2019-04-12 104752]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-16 153168]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-26 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-12-22 146888]
S2 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-06-12 268192]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 scupdate;Scout Update Service (scupdate); C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-11 114824]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-09 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_6c2c8;Uživatelská služba pro GameDVR a vysílání her_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_6c2c8;Služba pro podporu uživatelů Bluetooth_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_6c2c8;CaptureService_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_6c2c8;ConsentUX_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2018-04-11 502728]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_6c2c8;DevicePicker_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_6c2c8;Tok zařízení_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-09-15 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [2019-04-04 1268720]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-16 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_6c2c8;Služba zasílání zpráv_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_6c2c8;PrintWorkflow_6c2c8; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 scupdatem;Scout Update Service (scupdatem); C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-11 114824]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nestandardní chování notebooku

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Nestandardní chování notebooku

#3 Příspěvek od Trasheek »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-16-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 16
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\lpopo\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Users\lpopo\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted Avira SafeSearch Plus

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2744 octets] - [16/04/2019 20:00:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nestandardní chování notebooku

#4 Příspěvek od Rudy »

OK. Teď dejte log FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Nestandardní chování notebooku

#5 Příspěvek od Trasheek »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2019 01
Ran by lpopo (administrator) on LAPTOP-F6D2N2T4 (16-04-2019 21:11:02)
Running from C:\Users\lpopo\Desktop
Loaded Profiles: lpopo (Available Profiles: lpopo)
Platform: Windows 10 Home Version 1809 17763.437 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(WildTangent Inc -> WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\lpopo\Desktop\adwcleaner_7.3.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19031.57.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [rfagent] => C:\Program Files\RFA 9\rfagent64.exe [3429536 2014-01-28] (Rose City Software LLC -> KsL Software)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2016-08-15] (Acer Incorporated -> )
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D00AE86-E9F9-43A0-82A4-79EBA59183E2}] -> C:\Program Files (x86)\Avira\Scout\Application\59.0.3071.2851\Installer\chrmstp.exe [2017-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2017-06-26] (McAfee, Inc. -> McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 195.250.128.34 212.20.96.34
Tcpip\..\Interfaces\{2618f032-b431-4b53-a4ca-bdd9c63fbea0}: [DhcpNameServer] 195.250.128.34 212.20.96.34
Tcpip\..\Interfaces\{42b3fe31-4fea-4560-b228-729ee681c443}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{45df0a06-8806-47cb-b4bd-27c4d292f871}: [DhcpNameServer] 192.16.128.24
Tcpip\..\Interfaces\{46344e5e-ce34-423d-b4e1-f3e7867a995f}: [DhcpNameServer] 192.168.12.1
Tcpip\..\Interfaces\{7cab7744-c1c3-47d9-9590-d6a89be16b31}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{88042594-2dff-4716-80aa-d1c4de9e69ee}: [DhcpNameServer] 195.250.128.34 212.20.96.34

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001 -> DefaultScope {5CC363B1-F2E6-4A33-B833-D05CA07CB8A7} URL =
SearchScopes: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001 -> {6A73C339-328C-422E-9E30-D39FC8877701} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (McAfee, Inc. -> Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (McAfee, Inc. -> Intel Security)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (McAfee, Inc. -> Intel Security)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: x40un1uv.default
FF ProfilePath: C:\Users\lpopo\AppData\Roaming\Mozilla\Firefox\Profiles\x40un1uv.default [2019-04-16]
FF Extension: (Avira Browser Safety) - C:\Users\lpopo\AppData\Roaming\Mozilla\Firefox\Profiles\x40un1uv.default\Extensions\abs@avira.com [2017-06-11] [hxxps://download.avira.com/package/abs/firefox/update-webext.rdf]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\lpopo\AppData\Roaming\Mozilla\Firefox\Profiles\x40un1uv.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2018-11-26] [Legacy]
FF Extension: (Avira Password Manager) - C:\Users\lpopo\AppData\Roaming\Mozilla\Firefox\Profiles\x40un1uv.default\Extensions\passwordmanager@avira.com [2017-06-11] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF Extension: (No Name) - C:\Users\lpopo\AppData\Roaming\Mozilla\Firefox\Profiles\x40un1uv.default\Extensions\safesearchplus2@avira.com [2017-11-06] [not signed]
FF Extension: (Amazon 1Button App for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com [2018-12-22] [Legacy] [not signed]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2018-12-22] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default [2019-04-16]
CHR Extension: (Prezentace) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-16]
CHR Extension: (Rozšíření pro webové stránky - WP Screenshot) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgpcdalpfphjmfifkmfbpdmgdmeeaeo [2019-02-28]
CHR Extension: (GIPHY for Gmail) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\andgibkjiikabclfdkecpmdkfanpdapf [2019-04-11]
CHR Extension: (Dokumenty) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-16]
CHR Extension: (Disk Google) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-16]
CHR Extension: (YouTube) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-16]
CHR Extension: (Full Page Screen Capture) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2018-11-16]
CHR Extension: (Tabulky) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-16]
CHR Extension: (Gmail) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\lpopo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-25]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [908160 2019-04-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [311152 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [244656 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [244656 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1182464 2019-04-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [466280 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2938504 2018-02-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [359400 2019-01-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [104752 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2016-12-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373704 2018-04-11] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit Information Technology -> IObit)
S2 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R2 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated -> Acer Incorporated)
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-06-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-06-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH -> TeamViewer GmbH)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc. -> McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc. -> McAfee, Inc.)
R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc. -> McAfee, Inc.)
R2 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-16] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (AVAST Software a.s. -> The OpenVPN Project)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [75432 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [192152 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [194136 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 cm_km; C:\WINDOWS\System32\drivers\cm_km.sys [389816 2015-07-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-23] (Disc Soft Ltd -> Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-07-11] (SurfRight B.V. -> )
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7408584 2018-04-11] (Intel(R) pGFX -> Intel Corporation)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [237488 2016-05-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-11-27] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 PTPFilter; C:\WINDOWS\System32\drivers\PTPFilter.sys [51032 2016-08-29] (WDKTestCert tguni.kim,130826319441063508 -> Samsung)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343520 2019-04-16] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-16 21:11 - 2019-04-16 21:14 - 000031385 _____ C:\Users\lpopo\Desktop\FRST.txt
2019-04-16 21:10 - 2019-04-16 21:11 - 000000000 ____D C:\FRST
2019-04-16 21:08 - 2019-04-16 21:08 - 002434048 _____ (Farbar) C:\Users\lpopo\Desktop\FRST64.exe
2019-04-16 19:55 - 2019-04-16 19:55 - 007025360 _____ (Malwarebytes) C:\Users\lpopo\Desktop\adwcleaner_7.3.exe
2019-04-16 19:13 - 2019-04-16 19:13 - 000000000 ____D C:\rsit
2019-04-16 19:13 - 2019-04-16 19:13 - 000000000 ____D C:\Program Files\trend micro
2019-04-16 19:12 - 2019-04-16 19:12 - 001222144 _____ C:\Users\lpopo\Desktop\RSITx64.exe
2019-04-15 21:10 - 2019-04-15 21:10 - 000000000 ____D C:\Users\lpopo\AppData\LocalLow\uTorrent
2019-04-11 14:51 - 2019-04-11 14:51 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-11 14:51 - 2019-04-11 14:51 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-11 14:51 - 2019-04-11 14:51 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-11 14:51 - 2019-04-11 14:51 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-11 14:51 - 2019-04-11 14:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-11 14:50 - 2019-04-11 14:50 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-11 14:50 - 2019-04-11 14:50 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-11 14:50 - 2019-04-11 14:50 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-11 14:50 - 2019-04-11 14:50 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-11 14:50 - 2019-04-11 14:50 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-11 14:50 - 2019-04-11 14:50 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-11 14:49 - 2019-04-11 14:49 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-11 14:49 - 2019-04-11 14:49 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-11 14:48 - 2019-04-11 14:49 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-11 14:48 - 2019-04-11 14:48 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-11 14:48 - 2019-04-11 14:48 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-11 14:48 - 2019-04-11 14:48 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-11 14:48 - 2019-04-11 14:48 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-11 14:48 - 2019-04-11 14:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-11 14:47 - 2019-04-11 14:47 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-11 14:47 - 2019-04-11 14:47 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-11 14:47 - 2019-04-11 14:47 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-11 14:47 - 2019-04-11 14:47 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-11 14:47 - 2019-04-11 14:47 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-11 14:47 - 2019-04-11 14:47 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-11 14:47 - 2019-04-11 14:47 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-11 14:47 - 2019-04-11 14:47 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-11 14:47 - 2019-04-11 14:47 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-11 14:47 - 2019-04-11 14:47 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-11 14:47 - 2019-04-11 14:47 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-11 14:47 - 2019-04-11 14:47 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-11 14:46 - 2019-04-11 14:46 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-11 14:46 - 2019-04-11 14:46 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-11 14:46 - 2019-04-11 14:46 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-11 14:46 - 2019-04-11 14:46 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-11 14:46 - 2019-04-11 14:46 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-11 14:46 - 2019-04-11 14:46 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-11 14:46 - 2019-04-11 14:46 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-11 14:46 - 2019-04-11 14:46 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-11 14:46 - 2019-04-11 14:46 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-11 14:46 - 2019-04-11 14:46 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-11 14:46 - 2019-04-11 14:46 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-11 14:45 - 2019-04-11 14:45 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-11 14:45 - 2019-04-11 14:45 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-04-11 14:45 - 2019-04-11 14:45 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-11 14:45 - 2019-04-11 14:45 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-11 14:45 - 2019-04-11 14:45 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-11 14:45 - 2019-04-11 14:45 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-11 14:45 - 2019-04-11 14:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-04-11 14:45 - 2019-04-11 14:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-04-11 14:44 - 2019-04-11 14:44 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-11 14:44 - 2019-04-11 14:44 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-11 14:44 - 2019-04-11 14:44 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-11 14:44 - 2019-04-11 14:44 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-11 14:44 - 2019-04-11 14:44 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-11 14:44 - 2019-04-11 14:44 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-11 14:44 - 2019-04-11 14:44 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-11 14:44 - 2019-04-11 14:44 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-11 14:44 - 2019-04-11 14:44 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-11 14:44 - 2019-04-11 14:44 - 000300344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2019-04-11 14:44 - 2019-04-11 14:44 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-11 14:44 - 2019-04-11 14:44 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-11 14:44 - 2019-04-11 14:44 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-11 14:44 - 2019-04-11 14:44 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-11 14:44 - 2019-04-11 14:44 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-05 11:43 - 2019-04-05 11:43 - 000003240 _____ C:\Users\lpopo\AppData\Local\recently-used.xbel
2019-04-02 22:43 - 2019-04-02 22:43 - 000091039 _____ C:\Users\lpopo\Desktop\Mama-s-Boy(0000106719).srt

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-16 21:13 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-16 20:29 - 2019-01-12 22:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-16 20:06 - 2018-03-27 10:15 - 000000000 ____D C:\Users\Public\Speedup Sessions
2019-04-16 20:04 - 2016-08-30 21:27 - 000000000 __SHD C:\Users\lpopo\IntelGraphicsProfiles
2019-04-16 20:03 - 2017-07-21 16:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-16 20:02 - 2019-01-12 23:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-16 20:01 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-16 20:01 - 2016-10-15 19:46 - 000000000 ____D C:\Users\lpopo\AppData\Roaming\IObit
2019-04-16 20:00 - 2016-10-14 22:34 - 000000000 ____D C:\AdwCleaner
2019-04-16 19:58 - 2019-01-12 22:45 - 000000000 ____D C:\Users\lpopo
2019-04-16 18:57 - 2016-12-26 05:07 - 000000000 ____D C:\Users\lpopo\AppData\Local\ElevatedDiagnostics
2019-04-16 18:47 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-16 18:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-16 18:10 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-16 18:06 - 2018-06-08 22:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-16 17:52 - 2018-06-13 12:35 - 000000000 ____D C:\Users\lpopo\AppData\Roaming\Spotify
2019-04-16 17:40 - 2016-12-26 03:03 - 000000000 ____D C:\ProgramData\RFA_Backups
2019-04-16 04:47 - 2016-09-09 23:31 - 000000000 ____D C:\Users\lpopo\AppData\Roaming\vlc
2019-04-16 03:23 - 2016-10-10 21:47 - 000000000 ____D C:\Users\lpopo\Downloads\X
2019-04-15 21:12 - 2016-09-02 23:15 - 000000000 ____D C:\Users\lpopo\AppData\Roaming\uTorrent
2019-04-15 03:03 - 2018-06-19 00:23 - 000000000 ____D C:\KMPlayer
2019-04-14 03:28 - 2016-08-30 22:34 - 000000000 ____D C:\Users\lpopo\Desktop\Music_Lubosh
2019-04-13 01:53 - 2018-04-11 15:21 - 005243021 _____ C:\WINDOWS\SysWOW64\STPackager.1
2019-04-12 18:52 - 2017-06-11 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-04-12 18:47 - 2018-06-08 19:54 - 000194136 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2019-04-12 18:47 - 2018-06-08 19:54 - 000192152 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-04-12 14:34 - 2018-05-17 22:42 - 000000000 ____D C:\Users\lpopo\AppData\Roaming\WhatsApp
2019-04-12 10:28 - 2018-06-13 12:37 - 000000000 ____D C:\Users\lpopo\AppData\Local\Spotify
2019-04-12 10:19 - 2019-01-12 23:00 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-12 10:19 - 2018-09-15 19:32 - 000718018 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-12 10:19 - 2018-09-15 19:32 - 000145062 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-11 15:15 - 2019-01-12 22:36 - 000470696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-11 15:10 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-11 15:10 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-11 15:10 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-11 15:10 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-11 15:09 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 14:59 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-11 11:32 - 2018-11-16 02:16 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:32 - 2018-11-16 02:16 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 00:19 - 2019-01-30 02:52 - 000000000 ____D C:\Users\lpopo\Desktop\POVEDENOSTI
2019-04-10 22:49 - 2016-10-15 19:46 - 000000000 ____D C:\ProgramData\ProductData
2019-04-10 11:11 - 2016-08-31 00:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 10:57 - 2016-08-31 00:27 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-09 18:13 - 2019-01-12 23:17 - 000004666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-09 18:13 - 2019-01-12 23:17 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-09 18:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-09 18:12 - 2019-01-08 19:05 - 004234808 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-04-09 18:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-08 11:00 - 2017-02-07 16:06 - 000000000 ____D C:\Users\lpopo\Desktop\FAKTURY
2019-04-07 23:28 - 2018-10-14 01:46 - 000000000 ____D C:\Users\lpopo\Downloads\Star.Wars.Episode.IV.A.New.Hope.1977.1080p.Bluray.x264.anoXmous
2019-04-07 23:26 - 2018-09-01 17:07 - 000000000 ____D C:\Users\lpopo\Downloads\Zoe.2018.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTG[EtHD]
2019-04-05 11:47 - 2016-09-05 12:16 - 000000000 ____D C:\Users\lpopo\AppData\Local\gtk-2.0
2019-04-05 11:47 - 2016-09-05 12:11 - 000000000 ____D C:\Users\lpopo\.gimp-2.8
2019-04-04 15:16 - 2017-12-02 17:21 - 000000000 ____D C:\Users\lpopo\AppData\Local\Packages
2019-04-01 20:02 - 2019-03-14 02:06 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 20:02 - 2019-03-14 02:06 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-01 00:52 - 2019-01-12 23:17 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1132476843-1612301917-2949182917-1001
2019-04-01 00:51 - 2019-01-12 22:45 - 000002369 _____ C:\Users\lpopo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-01 00:51 - 2016-08-30 21:32 - 000000000 ___RD C:\Users\lpopo\OneDrive
2019-03-31 05:42 - 2017-03-18 23:38 - 000000000 ____D C:\Users\lpopo\Downloads\The.Autopsy.of.Jane.Doe.2016.HDRip.XViD-ETRG
2019-03-29 14:30 - 2018-11-09 15:23 - 000000000 ____D C:\Users\lpopo\Desktop\TELEFON - věci
2019-03-29 11:53 - 2015-09-12 02:48 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-28 16:07 - 2016-08-30 22:28 - 000000000 ____D C:\Users\lpopo\Desktop\COPY
2019-03-28 11:25 - 2019-01-12 23:17 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 11:25 - 2019-01-12 23:17 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-27 20:43 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-20 16:05 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories =======

2019-04-05 11:43 - 2019-04-05 11:43 - 000003240 _____ () C:\Users\lpopo\AppData\Local\recently-used.xbel
2018-09-24 19:32 - 2018-09-24 19:32 - 000000000 _____ () C:\Users\lpopo\AppData\Local\{2F14CD53-4A5D-4956-8332-BA293B1EDEBD}
2017-12-01 15:40 - 2017-12-01 15:40 - 000000000 _____ () C:\Users\lpopo\AppData\Local\{3666F618-D3A8-4CE4-9E9C-D16111B6213D}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2019 01
Ran by lpopo (16-04-2019 21:18:12)
Running from C:\Users\lpopo\Desktop
Windows 10 Home Version 1809 17763.437 (X64) (2019-01-12 21:20:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1132476843-1612301917-2949182917-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1132476843-1612301917-2949182917-503 - Limited - Disabled)
Guest (S-1-5-21-1132476843-1612301917-2949182917-501 - Limited - Disabled)
lpopo (S-1-5-21-1132476843-1612301917-2949182917-1001 - Administrator - Enabled) => C:\Users\lpopo
WDAGUtilityAccount (S-1-5-21-1132476843-1612301917-2949182917-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-428eae2c-9e05-492a-985a-f36ddac22115) (Version: 3.0.2.118 - WildTangent) Hidden
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{606c7b25-e58d-4e72-82dd-4a0e4e163086}) (Version: 1.2.114.16977 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9c4627af-2a2f-4e06-aa50-e0d70979e4b6}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{BE930E27-DF4B-44AF-8037-EB0A1D419787}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{d2c9315d-82be-4e7a-8d9f-ccbe716c2552}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.45.1165 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.19.2.21196 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{4BFBF6CA-2D9E-4A54-8B79-5CEC1545C0FE}) (Version: 2.0.6.13175 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.8.0.7455 - Avira Operations GmbH & Co. KG)
Brother MFL-Pro Suite DCP-7070DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dino Storm (HKLM-x32\...\WildTangentGDF-acer-dinostorm) (Version: 13.0.0.6 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
Home Makeover (HKLM-x32\...\WTA-f2bf7eb9-e377-484f-8cde-dbb7152c6ea8) (Version: 3.0.2.59 - WildTangent) Hidden
HT Web Cam 3.0 (HKLM-x32\...\{5648AC64-925E-48FB-BD1B-9511323E7D8A}) (Version: 3.0 - )
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c92e37dd-de51-4a9e-abfc-54c4b71d1b72}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-b9eca6f0-f350-409b-80b6-7cfb979d1682) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-d55a4c69-9aca-46c0-bd47-30a8aafd5860) (Version: 3.0.2.118 - WildTangent) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.0.0 - PandoraTV)
Magic Academy (HKLM-x32\...\WTA-4f8f4d42-f753-460a-acd0-d2dc96643b21) (Version: 2.2.0.97 - WildTangent) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-34fb3df7-7fa1-468d-b159-6c215f62b392) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Rory's Restaurant (HKLM-x32\...\WTA-50fce378-1db4-4ede-903b-d8bba2a72c0d) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-a45a3a05-8eaf-448a-b0c5-1c16a11f485c) (Version: 3.0.2.126 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\...\Spotify) (Version: 1.1.4.197.g92d52c4f - Spotify AB)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\...\WhatsApp) (Version: 0.3.2386 - WhatsApp)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
Windows Driver Package - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows Driver Package - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows Driver Package - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2018-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1489BC81-54FA-4985-8FC6-7209B94A4A21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {16B3A079-8015-4AD8-B243-BF9C45DD947B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe (Adobe Inc. -> Adobe)
Task: {1CBBA4BC-F976-4259-BF88-DC8EE0B95B52} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)
Task: {1F0AB5D3-C89D-4BB0-90A5-5153BF1905F8} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe (Acer Incorporated -> TODO: <Company name>)
Task: {3FE6AD1B-5AEA-4EDD-8644-B2B06A775D10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {46F49342-9D2F-414C-9C09-8932165453B0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4D11E542-9CFD-4C26-B61D-AF792B4B6664} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Acer Incorporated -> )
Task: {6D2805E2-8299-4EDF-91E2-FD6EB3F685BD} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe (Acer Incorporated -> )
Task: {75A9F6B5-D6F4-483F-93A1-F71C09D1A8B5} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {778BD377-28C8-482C-B7D3-DEAB27CE4121} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {7C67E3C8-42AF-4739-985C-F89EF853A194} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe (Acer Incorporated -> Acer Incorporated)
Task: {7CD26B00-06F5-4B96-B5B2-4AD4622A1F6B} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {9E2B723A-F89E-410F-9779-1A4D1BF5CB6C} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {B3548838-D065-418B-BA9A-4B27CB1C9203} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC1C50A5-B532-432A-97A8-5B81C50577C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D5BAAF13-C0EE-4F7B-9EC0-13FD3B6C39C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F3873BCF-06BB-429D-A4BE-7BB16860D8A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-02-26 19:12 - 2015-02-26 19:12 - 000330240 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2018-06-29 15:31 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-06-29 15:31 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2018-06-29 15:31 - 2012-09-06 21:06 - 000393216 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2018-06-29 15:31 - 2012-09-06 21:11 - 001327104 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2019-02-13 02:51 - 2019-02-13 02:51 - 000880128 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\49a4445407b43e421849622e3f959eae\ServiceStack.Text.ni.dll
2019-01-12 22:49 - 2019-01-12 22:49 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2018-06-29 15:31 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-06-29 15:31 - 2012-09-06 21:02 - 000155648 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-06-29 15:31 - 2012-07-17 13:36 - 000094208 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2018-06-29 15:31 - 2012-07-06 13:33 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-06-29 15:31 - 2012-07-06 13:33 - 017694720 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\...\amazon.com -> amazon.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lpopo\Desktop\TELEFON - věci\IMG-20181231-WA0006.jpg
DNS Servers: 195.250.128.34 - 212.20.96.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: 0059871482719104mcinstcleanup => 2
MSCONFIG\Services: Fax => 3
HKLM\...\StartupApproved\StartupFolder: => "O&O Defrag Tray.lnk"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "rfagent"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4EAAD3C4-70AC-4E57-801F-C2FC60C677A4}] => (Allow) C:\Users\lpopo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{61663858-3093-48C6-9C11-4BA3757C3524}] => (Allow) C:\Users\lpopo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{73B6B949-ADDE-4B1A-BDD5-B445BE249FF2}C:\users\lpopo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lpopo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{EFB128A7-B8D7-403D-87CA-0367EE96EEB2}C:\users\lpopo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lpopo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0FF0F28C-2D1F-422B-99BD-FEE1C7C1FB35}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{A13B81C3-11E2-4BBA-96F2-EE85E9BB03AD}C:\users\lpopo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lpopo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{451DA473-BDF5-4792-885B-30B6B4F3B372}C:\users\lpopo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lpopo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [TCP Query User{78DA100F-A97C-4AC2-8B65-82479C66C957}C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{08551117-F6D1-4E14-8E14-8816782F181A}C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{1301F4E0-F3DC-4B98-AEDA-104A10B49F32}C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{0B69B59E-9955-484A-A932-76B30AA9CC81}C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lpopo\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{4711C933-270A-4865-9722-CA4F9BC1F271}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{15241132-F13A-4BAF-8B97-4D7316EAB0FE}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [TCP Query User{BD24A9CC-58FC-43BC-A668-9A57226AB84D}C:\program files (x86)\ht web cam 3.0\htwebcam.exe] => (Allow) C:\program files (x86)\ht web cam 3.0\htwebcam.exe (Honest technology ) [File not signed]
FirewallRules: [UDP Query User{CBBBA648-7BCC-44C2-B733-D819D4453CF6}C:\program files (x86)\ht web cam 3.0\htwebcam.exe] => (Allow) C:\program files (x86)\ht web cam 3.0\htwebcam.exe (Honest technology ) [File not signed]
FirewallRules: [{AA7046A8-CB26-4658-AFC5-58ED7892B3D4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4250A8CE-EC62-43BA-A406-B56222BA911C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A84396B6-BCC9-4FF8-AAE4-9417C877A85D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A18F6DE2-A465-4949-8E3F-22FC9FADCF03}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FCBD7852-ECA7-49CE-878E-19F8D4DFF3C4}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{61481365-51F7-40C5-99BC-847DED8520D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{11496030-314E-46C8-A201-F0D16DEE76A1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{3CB0501E-5B45-4222-AE41-A3955183F44B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{75E9E759-48B4-43CD-95FB-6D22728FAD74}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{B9470459-30DB-4DBD-A8C2-4FDCB3D9639D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2019 06:19:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mmc.exe verze 10.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2194

Čas spuštění: 01d4f46f16afc00e

Čas ukončení: 27

Cesta k aplikaci: C:\Windows\System32\mmc.exe

ID hlášení: 8d69c42e-b9e6-42ab-9880-c70614b764ba

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (04/16/2019 06:11:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mmc.exe verze 10.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1ffc

Čas spuštění: 01d4f46ece4ceeeb

Čas ukončení: 116

Cesta k aplikaci: C:\Windows\System32\mmc.exe

ID hlášení: 604261fc-d003-44d5-b23b-270cbd39a831

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (04/16/2019 05:10:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (04/16/2019 10:15:48 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/15/2019 05:56:23 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/14/2019 05:02:13 AM) (Source: AviraOptimizerHost) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/14/2019 12:29:15 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/13/2019 04:23:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19021.18010.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 27a4

Čas spuštění: 01d4f203cc817a5b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 8a7af5bb-a0ad-4fd9-9208-aceee6dc59dc

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce


System errors:
=============
Error: (04/16/2019 08:10:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/16/2019 08:10:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/16/2019 08:07:00 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-F6D2N2T4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LAPTOP-F6D2N2T4\lpopo (SID: S-1-5-21-1132476843-1612301917-2949182917-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/16/2019 08:05:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wireless PAN DHCP Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/16/2019 08:03:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/16/2019 08:03:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/16/2019 08:03:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba UEIPSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/16/2019 08:03:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby UEIPSvc bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2019-02-08 10:53:12.232
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.285.1118.0
Předchozí verze podpisu: 1.285.573.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15600.4
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80509004
Popis chyby :Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-02-08 10:53:12.213
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.285.1118.0
Předchozí verze podpisu: 1.285.573.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15600.4
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80509004
Popis chyby :Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-01-31 10:21:03.076
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.285.541.0
Předchozí verze podpisu: 1.283.3392.0
Zdroj aktualizace: Složka aktualizace podpisů
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15600.4
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80004004
Popis chyby :Operace přerušena

Date: 2019-01-31 10:21:03.069
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.285.541.0
Předchozí verze podpisu: 1.283.3392.0
Zdroj aktualizace: Složka aktualizace podpisů
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.15600.4
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80004004
Popis chyby :Operace přerušena

Date: 2019-01-14 03:26:32.537
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2134.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-04-04 20:57:53.013
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-04 20:57:52.983
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-04 20:57:52.857
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-30 00:55:30.452
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-30 00:55:30.423
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-30 00:55:30.347
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 87%
Total physical RAM: 3919.27 MB
Available physical RAM: 476.97 MB
Total Virtual: 7119.27 MB
Available Virtual: 1692.94 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:465.16 GB) (Free:26.52 GB) NTFS

\\?\Volume{add38ea6-cde4-4ebc-8256-9d775b330848}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{0c74ea3b-1f7b-43e9-b210-8028c341d550}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CBD95A23)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nestandardní chování notebooku

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001 -> DefaultScope {5CC363B1-F2E6-4A33-B833-D05CA07CB8A7} URL =
SearchScopes: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001 -> {6A73C339-328C-422E-9E30-D39FC8877701} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lpopo\AppData\Local\{2F14CD53-4A5D-4956-8332-BA293B1EDEBD}
C:\Users\lpopo\AppData\Local\{3666F618-D3A8-4CE4-9E9C-D16111B6213D}
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
Task: {1489BC81-54FA-4985-8FC6-7209B94A4A21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BC1C50A5-B532-432A-97A8-5B81C50577C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {F3873BCF-06BB-429D-A4BE-7BB16860D8A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Nestandardní chování notebooku

#7 Příspěvek od Trasheek »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.04.2019 01
Ran by lpopo (16-04-2019 22:32:20) Run:1
Running from C:\Users\lpopo\Desktop
Loaded Profiles: lpopo (Available Profiles: lpopo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001 -> DefaultScope {5CC363B1-F2E6-4A33-B833-D05CA07CB8A7} URL =
SearchScopes: HKU\S-1-5-21-1132476843-1612301917-2949182917-1001 -> {6A73C339-328C-422E-9E30-D39FC8877701} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lpopo\AppData\Local\{2F14CD53-4A5D-4956-8332-BA293B1EDEBD}
C:\Users\lpopo\AppData\Local\{3666F618-D3A8-4CE4-9E9C-D16111B6213D}
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
Task: {1489BC81-54FA-4985-8FC6-7209B94A4A21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BC1C50A5-B532-432A-97A8-5B81C50577C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {F3873BCF-06BB-429D-A4BE-7BB16860D8A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1132476843-1612301917-2949182917-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A73C339-328C-422E-9E30-D39FC8877701} => removed successfully
HKLM\Software\Classes\CLSID\{6A73C339-328C-422E-9E30-D39FC8877701} => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\lpopo\AppData\Local\{2F14CD53-4A5D-4956-8332-BA293B1EDEBD} => moved successfully
C:\Users\lpopo\AppData\Local\{3666F618-D3A8-4CE4-9E9C-D16111B6213D} => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1489BC81-54FA-4985-8FC6-7209B94A4A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1489BC81-54FA-4985-8FC6-7209B94A4A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BC1C50A5-B532-432A-97A8-5B81C50577C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC1C50A5-B532-432A-97A8-5B81C50577C3}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3873BCF-06BB-429D-A4BE-7BB16860D8A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3873BCF-06BB-429D-A4BE-7BB16860D8A6}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120689448 B
Java, Flash, Steam htmlcache => 1032 B
Windows/system/drivers => 2662800 B
Edge => 3004154 B
Chrome => 191758071 B
Firefox => 41280716 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 250716 B
LocalService => 0 B
NetworkService => 18537560 B
NetworkService => 0 B
lpopo => 40887456 B

RecycleBin => 0 B
EmptyTemp: => 409.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:41:18 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nestandardní chování notebooku

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Nestandardní chování notebooku

#9 Příspěvek od Trasheek »

Ten problém, co jsem měl s pracovním adminem, je pryč, díky moc. Co zůstalo je, že při zapnutí počítače se systém strašně pomalu rozjíždí a když zapnu Spotify, musím čekat i několik minut, než se všechno načte. Ale možná to je prostě výkonem nebo nastavením počítače...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nestandardní chování notebooku

#10 Příspěvek od Rudy »

OK.
1. Zkuste defragmentovat disk.
2. Kolik je volného místa na disku.
3. Jak velký je adresář C:\Users\lpopo\plocha.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Nestandardní chování notebooku

#11 Příspěvek od Trasheek »

Přeinstaloval jsem několik programů a udělal doporučený úklid – stav je o poznání lepší. Teď už budu určitě pořádnější, díky moc za pomoc! :idea:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nestandardní chování notebooku

#12 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno