zpomalení PC, občas problém s nastartováním Chromu

[cazzo]

Dobrý den, posílám pro kontrolu RSIT log a FRST log

Logfile of random's system information tool 1.16 (written by random/random)
Run by Jiří at 2018-06-02 12:04:51
Microsoft Windows 10 Home
System drive C: has 150 GB (33%) free of 460 GB
Total RAM: 3978 MB (40% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:15, on 02.06.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files (x86)\GLPCCamera\monitorpad.exe
C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe
C:\Program Files\trend micro\Jiří_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=ACJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jiří\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 10171 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 1662759954256
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\Explorer.EXE
C:\Windows\SysWOW64\UMonit64.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\igfxTray.exe
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\igfxext.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe" task
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\Jiří\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-2734594728-343395219-3823349460-1001 -c 732 -s 540 -g "C:\ProgramData\acer\CCD"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\GLPCCamera\monitorpad.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe"
"C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe"
"C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDockTray.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x524
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Jiří\Desktop\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\abDocsDllLoader - C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe task
C:\WINDOWS\system32\tasks\ACCAgent - C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe
C:\WINDOWS\system32\tasks\BacKGroundAgent - C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\ESET Windows 10 upgrade – Refresh settings - C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1d0b995bf082813 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Launch Manager - "C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-2734594728-343395219-3823349460-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Power Management - "C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe"
C:\WINDOWS\system32\tasks\Quick Access - "C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"
C:\WINDOWS\system32\tasks\Quick Access Quick Launcher - "C:\Program Files\Acer\Acer Quick Access\QALauncher.exe" -noui -normsvc
C:\WINDOWS\system32\tasks\UbtFrameworkService - "C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe"
C:\WINDOWS\system32\tasks\UMonitor Task - C:\Windows\SysWOW64\UMonit64.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{01FA28F9-C04B-4783-A9F8-762159759CC1} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WaaSMedic\PerformRemediation - %systemroot%\System32\WaaSMedic.exe None
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Download - %systemroot%\system32\usoclient.exe StartDownload
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Setup\Notifier - %windir%\system32\Notifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aknpkdffaafgjchaibgeefbgmgeghloj
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gffjhibehnempbkeheiccaincokdjbfe 0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.30.1
Extension iiekfaemafmplemocgimeccahephhdgf 1 VratnePenize.cz Připomínáček 2.0.11.0
Extension kdmmkfaghgcicheaimnpffeeekheafkb 0 EasyHome Homestyler 4.0.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension knebimhcckndhiglamoabbnifdkijidd 0
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Extension pmeobdehlajlhbpcmodgllgfmblpjflc 1 Bubble Shooter
1.4
Extension pnjfmdhgadolaidlgcbdjbmjnkidlmdj 1 Dark Violet 1.5
Homepage: http://www.idnes.cz/
default_search_provider.search_url:
C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
"GLSystray"=C:\Program Files (x86)\GLPCCamera\monitorpad.exe [2011-11-28 69632]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"OneDrive"=C:\Users\Jiří\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-05-01 1624224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-04-11 9532120]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-06-02 07:42:51 ----HD---- C:\$WINDOWS.~BT
2018-05-19 21:52:53 ----A---- C:\WINDOWS\system32\Notifier.exe
2018-05-09 18:37:37 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-05-09 18:37:25 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2018-05-09 18:37:25 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-05-09 18:37:25 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2018-05-09 18:37:25 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-05-09 18:37:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\wldp.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\Wldap32.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\WinTypes.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\wincorlib.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\schannel.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\profsvc.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\oleaut32.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\crypt32.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\combase.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\ci.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 18:37:24 ----A---- C:\WINDOWS\system32\aepic.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\wups2.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\usocore.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\netlogon.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\domgmt.dll
2018-05-09 18:37:23 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-05-09 18:37:22 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-05-09 18:37:21 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 18:37:21 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2018-05-09 18:37:21 ----A---- C:\WINDOWS\system32\ShareHost.dll
2018-05-09 18:37:21 ----A---- C:\WINDOWS\system32\eShims.dll
2018-05-09 18:37:21 ----A---- C:\WINDOWS\system32\cdp.dll
2018-05-09 18:37:21 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-05-09 18:37:21 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-05-09 18:37:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-09 18:37:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-09 18:37:20 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-09 18:37:20 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-05-09 18:37:20 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2018-05-09 18:37:20 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\wlidprov.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\tquery.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\mssph.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\mssitlb.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-05-09 18:37:19 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\rdpcore.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\Geolocation.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\coredpus.dll
2018-05-09 18:37:18 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-05-09 18:37:17 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-09 18:37:17 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-09 18:37:17 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-09 18:37:17 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2018-05-09 18:37:17 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-05-09 18:37:17 ----A---- C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-09 18:37:16 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2018-05-09 18:37:16 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2018-05-09 18:37:16 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-09 18:37:16 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-09 18:37:16 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 18:37:16 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\twext.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\TSpkg.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\shlwapi.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\shell32.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\credssp.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\comdlg32.dll
2018-05-09 18:37:15 ----A---- C:\WINDOWS\system32\comctl32.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\themecpl.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\ntshrui.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\ninput.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\mstsc.exe
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\msctf.dll
2018-05-09 18:37:14 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2018-05-09 18:37:13 ----A---- C:\WINDOWS\system32\usercpl.dll
2018-05-09 18:37:13 ----A---- C:\WINDOWS\system32\twinui.dll
2018-05-09 18:37:13 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-05-09 18:37:13 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-09 18:37:13 ----A---- C:\WINDOWS\system32\kernel32.dll
2018-05-09 18:37:13 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2018-05-09 18:37:13 ----A---- C:\WINDOWS\system32\AcSpecfc.dll
2018-05-09 18:37:12 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-09 18:37:12 ----A---- C:\WINDOWS\system32\authui.dll
2018-05-09 18:37:12 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 18:37:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-09 18:37:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-09 18:37:12 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-09 18:37:11 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-09 18:37:11 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-09 18:37:11 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-09 18:37:11 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-09 18:37:11 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-09 18:37:11 ----A---- C:\WINDOWS\system32\AppResolver.dll
2018-05-09 18:37:09 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-05-09 18:37:09 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\pcaevts.dll
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\pcadm.dll
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\invagent.dll
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-05-09 18:37:08 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-05-09 18:37:07 ----A---- C:\WINDOWS\system32\wsecedit.dll
2018-05-09 18:37:07 ----A---- C:\WINDOWS\system32\devinv.dll
2018-05-09 18:37:07 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-05-09 18:37:06 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-05-09 18:37:06 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-09 18:37:06 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-05-09 18:37:06 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-05-09 18:37:06 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-09 18:37:06 ----A---- C:\WINDOWS\system32\catsrvut.dll
2018-05-09 18:37:06 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-05-09 18:37:05 ----A---- C:\WINDOWS\system32\winresume.exe
2018-05-09 18:37:05 ----A---- C:\WINDOWS\system32\srpapi.dll
2018-05-09 18:37:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 18:37:05 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-05-09 18:37:05 ----A---- C:\WINDOWS\system32\appidsvc.dll
2018-05-09 18:37:05 ----A---- C:\WINDOWS\system32\appidapi.dll
2018-05-09 18:37:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-05-09 18:37:04 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-05-09 18:37:04 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-05-09 18:37:04 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\winload.exe
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\credprovs.dll
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\credprovhost.dll
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-09 18:37:03 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\system32\itss.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\system32\itircl.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\system32\hgcpl.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\system32\gameux.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-09 18:37:02 ----A---- C:\WINDOWS\HelpPane.exe
2018-05-09 18:37:00 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-09 18:37:00 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-05-09 18:36:59 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-09 18:36:59 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-05-09 18:36:59 ----A---- C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-09 18:36:59 ----A---- C:\WINDOWS\system32\LockController.dll
2018-05-09 18:36:59 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2018-05-09 18:36:59 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-09 18:36:58 ----A---- C:\WINDOWS\system32\wininet.dll
2018-05-09 18:36:58 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-05-09 18:36:58 ----A---- C:\WINDOWS\system32\msisip.dll
2018-05-09 18:36:58 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-05-09 18:36:57 ----A---- C:\WINDOWS\system32\WpcMon.exe
2018-05-09 18:36:57 ----A---- C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-09 18:36:56 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-09 18:36:55 ----A---- C:\WINDOWS\system32\Wpc.dll
2018-05-09 18:36:55 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-05-09 18:36:55 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-05-09 18:36:55 ----A---- C:\WINDOWS\system32\fontext.dll
2018-05-09 18:36:55 ----A---- C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-09 18:36:55 ----A---- C:\WINDOWS\system32\CloudNotifications.exe
2018-05-09 18:36:55 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-09 18:36:55 ----A---- C:\WINDOWS\explorer.exe
2018-05-09 18:36:54 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2018-05-09 18:36:54 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-05-09 18:36:54 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-05-09 18:36:54 ----A---- C:\WINDOWS\system32\stobject.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-05-09 18:36:53 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\ByteCodeGenerator.exe
2018-05-09 18:36:52 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\CredProv2faHelper.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2018-05-09 18:36:51 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2018-05-09 18:36:50 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-05-09 18:36:50 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-05-09 18:36:50 ----A---- C:\WINDOWS\SYSWOW64\itircl.dll
2018-05-09 18:36:50 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-05-09 18:36:50 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-05-09 18:36:49 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-05-09 18:36:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-09 18:36:49 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-05-09 18:36:49 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2018-05-09 18:36:49 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-05-09 18:36:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-05-09 18:36:49 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\shlwapi.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-05-09 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2018-05-09 18:36:41 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-05-09 18:36:41 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-05-09 18:36:40 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-05-09 18:36:40 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2018-05-09 18:36:40 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-05-09 18:36:40 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-05-09 18:36:40 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\ninput.dll
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2018-05-09 18:36:39 ----A---- C:\WINDOWS\SYSWOW64\AcSpecfc.dll
2018-05-09 18:36:38 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-05-09 18:36:38 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncPolicy.dll
2018-05-09 18:36:38 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-05-09 18:36:38 ----A---- C:\WINDOWS\SYSWOW64\CloudStorageWizard.exe
2018-05-09 18:36:38 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-05-09 18:36:38 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-05-09 18:36:38 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-05-09 18:36:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-05-09 18:36:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-05-09 18:36:32 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-09 18:36:31 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 18:36:31 ----A---- C:\WINDOWS\system32\imgutil.dll
2018-05-09 18:36:31 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 18:36:30 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 18:36:30 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-05-09 18:36:29 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-05-09 18:36:29 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-05-09 18:36:29 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-05-09 18:36:29 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 18:36:29 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 18:36:29 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-05-09 18:36:29 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-05-09 18:36:28 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-05-09 18:36:28 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-05-09 18:36:28 ----A---- C:\WINDOWS\system32\jscript.dll
2018-05-09 18:36:27 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-05-09 18:36:27 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-05-09 18:36:27 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-05-09 18:36:27 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-05-09 18:36:27 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-05-09 18:36:26 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-05-09 18:36:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-05-09 18:36:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-05-09 18:36:26 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-05-09 18:36:25 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-05-09 18:36:25 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-05-09 18:36:25 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-05-09 18:36:24 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-05-09 18:36:19 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-05-09 18:36:08 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-05-09 18:36:07 ----A---- C:\WINDOWS\system32\wmp.dll
2018-05-09 18:36:07 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-05-09 18:36:07 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-05-09 18:36:07 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-05-09 18:36:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2018-05-09 18:36:07 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-05-09 18:36:06 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-05-09 18:36:04 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-09 18:36:04 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-05-09 18:36:03 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-09 18:36:02 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2018-05-09 18:36:02 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll

====== List of files/folders modified in the last 1 month ======

2018-06-02 12:05:08 ----D---- C:\Program Files\trend micro
2018-06-02 12:05:02 ----D---- C:\WINDOWS\Temp
2018-06-02 12:04:55 ----D---- C:\WINDOWS\Prefetch
2018-06-02 12:00:10 ----D---- C:\WINDOWS\INF
2018-06-02 12:00:09 ----D---- C:\WINDOWS\LiveKernelReports
2018-06-02 12:00:09 ----D---- C:\Windows
2018-06-02 11:43:51 ----D---- C:\WINDOWS\system32\sru
2018-06-02 11:43:25 ----D---- C:\WINDOWS\system32\SleepStudy
2018-06-02 10:02:14 ----HD---- C:\Program Files\WindowsApps
2018-06-02 09:59:07 ----D---- C:\WINDOWS\AppReadiness
2018-06-02 08:56:28 ----SHD---- C:\System Volume Information
2018-06-02 07:45:13 ----D---- C:\WINDOWS\DeliveryOptimization
2018-06-02 07:43:17 ----DC---- C:\WINDOWS\Panther
2018-06-02 07:31:41 ----D---- C:\WINDOWS\Logs
2018-06-01 15:40:43 ----RD---- C:\WINDOWS\Microsoft.NET
2018-05-31 13:58:22 ----D---- C:\WINDOWS\system32\drivers\wd
2018-05-29 21:41:02 ----D---- C:\WINDOWS\system32\LogFiles
2018-05-25 12:02:53 ----D---- C:\WINDOWS\system32\config
2018-05-25 11:34:35 ----D---- C:\WINDOWS\system32\catroot2
2018-05-23 17:09:22 ----D---- C:\AdwCleaner
2018-05-21 06:52:38 ----D---- C:\Program Files (x86)\Acer
2018-05-21 06:48:50 ----SHD---- C:\Config.Msi
2018-05-19 22:02:34 ----D---- C:\WINDOWS\CbsTemp
2018-05-19 22:02:32 ----D---- C:\WINDOWS\WinSxS
2018-05-19 22:02:27 ----D---- C:\WINDOWS\System32
2018-05-18 06:49:00 ----D---- C:\WINDOWS\system32\Tasks
2018-05-17 23:54:09 ----SHD---- C:\WINDOWS\Installer
2018-05-17 23:52:02 ----RD---- C:\Program Files (x86)
2018-05-15 21:31:36 ----HD---- C:\ProgramData
2018-05-15 07:35:46 ----RD---- C:\WINDOWS\assembly
2018-05-14 06:45:53 ----D---- C:\WINDOWS\rescache
2018-05-09 19:20:19 ----D---- C:\WINDOWS\debug
2018-05-09 19:19:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-09 19:12:24 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-09 19:11:45 ----D---- C:\WINDOWS\system32\drivers
2018-05-09 19:08:37 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2018-05-09 19:08:37 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-05-09 19:08:37 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-05-09 19:08:37 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-05-09 19:08:37 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-05-09 19:08:37 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-05-09 19:08:37 ----D---- C:\WINDOWS\SysWOW64
2018-05-09 19:08:33 ----D---- C:\WINDOWS\system32\wbem
2018-05-09 19:08:32 ----D---- C:\WINDOWS\system32\oobe
2018-05-09 19:08:32 ----D---- C:\WINDOWS\system32\migration
2018-05-09 19:08:32 ----D---- C:\WINDOWS\system32\en-US
2018-05-09 19:08:32 ----D---- C:\WINDOWS\system32\Dism
2018-05-09 19:08:31 ----SD---- C:\WINDOWS\system32\DiagSvcs
2018-05-09 19:08:31 ----D---- C:\WINDOWS\system32\cs-CZ
2018-05-09 19:08:31 ----D---- C:\WINDOWS\system32\Boot
2018-05-09 19:08:21 ----D---- C:\WINDOWS\ShellExperiences
2018-05-09 19:08:21 ----D---- C:\WINDOWS\servicing
2018-05-09 19:08:20 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-05-09 19:08:19 ----D---- C:\WINDOWS\apppatch
2018-05-09 19:08:18 ----D---- C:\Program Files\Windows Media Player
2018-05-09 19:08:18 ----D---- C:\Program Files (x86)\Windows Media Player
2018-05-09 12:09:49 ----D---- C:\WINDOWS\system32\MRT
2018-05-09 12:01:27 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 12:01:14 ----AC---- C:\WINDOWS\system32\MRT.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 MBI;@oem7.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-12-10 29464]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem22.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2013-12-09 11576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 ETDI2C;@oem23.inf,%ELANI2CDeviceDesc%;ELAN I2C Filter Driver; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [2014-04-08 173384]
R3 iaioi2c;@oem25.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 iwdbus;@oem18.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 LMDriver;@oem28.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 RadioShim;@oem28.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 RtkBtFilter;@oem14.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2016-01-15 615728]
R3 RTL8168;@oem17.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-05-08 871640]
R3 RTWlanE;@oem11.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2015-06-11 4175104]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-03-13 1015296]
S3 dg_ssudbus;@oem0.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 GeneStor;@oem21.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\WINDOWS\System32\drivers\GeneStor.sys [2014-04-28 111336]
S3 glavcam;GL USB2.0 UVC Camera Device; C:\WINDOWS\system32\DRIVERS\glavcam.sys [2015-12-14 3468032]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2018-03-30 28160]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 intaud_WaveExtensible;@oem16.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 50160]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2017-11-26 252232]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-03-30 192512]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-09-29 1849752]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ssudmdm;@oem1.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2017-09-26 2278688]
R2 CDPUserSvc_3662f;CDPUserSvc_3662f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2016-01-03 349728]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-12-30 455912]
R2 OneSyncSvc_3662f;OneSyncSvc_3662f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-07-22 2573032]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
R3 PimIndexMaintenanceSvc_3662f;PimIndexMaintenanceSvc_3662f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-06-26 458984]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_3662f;DevicesFlowUserSvc_3662f; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-08 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2016-01-03 209952]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
S3 MessagingService_3662f;MessagingService_3662f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_3662f;PrintWorkflowUserSvc_3662f; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-03-30 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[cazzo]

FRST


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jiří (administrator) on NOTEBOOK (02-06-2018 12:07:07)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\GLPCCamera\monitorpad.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe
(Microsoft) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDockTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [GLSystray] => C:\Program Files (x86)\GLPCCamera\monitorpad.exe [69632 2011-11-28] ()
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\MountPoints2: {63cd647d-57f0-11e7-82ec-2c600c46abdc} - "E:\Lenovo_Suite.exe"
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2015-07-08]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{412e878e-6a9e-4d1d-9b74-092ee66db1d1}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{6200dada-bab8-40d5-8090-bf20c0c5aef4}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{935d8d6d-fad2-4d8a-a83b-7bc21b78c9ba}: [DhcpNameServer] 40.32.1.66

Internet Explorer:
==================
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2734594728-343395219-3823349460-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2734594728-343395219-3823349460-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2016-01-03] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.idnes.cz/
CHR StartupUrls: Default -> "hxxp://www.idnes.cz/","hxxp://www.google.com/"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default [2018-06-02]
CHR Extension: (Prezentace) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-29]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-29]
CHR Extension: (Tabulky) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-29]
CHR Extension: (AdBlock) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-24]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2018-04-06]
CHR Extension: (EasyHome Homestyler) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2017-05-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-02]
CHR Extension: (Bubble Shooter\r\n) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmeobdehlajlhbpcmodgllgfmblpjflc [2016-09-29]
CHR Extension: (Dark Violet) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjfmdhgadolaidlgcbdjbmjnkidlmdj [2017-03-29]
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-06-02]
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile [2018-06-02]
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-15]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-15]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2016-01-03] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [173384 2014-04-08] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
S3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3468032 2015-12-14] (Windows (R) Codename Longhorn DDK provider)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-26] (Malwarebytes)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [615728 2016-01-15] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [4175104 2015-06-11] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-02 12:07 - 2018-06-02 12:10 - 000016183 _____ C:\Users\Jiří\Desktop\FRST.txt
2018-06-02 11:55 - 2018-06-02 11:55 - 002413056 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2018-06-02 11:53 - 2018-06-02 11:53 - 001329152 _____ C:\Users\Jiří\Desktop\RSITx64.exe
2018-06-02 07:42 - 2018-06-02 07:43 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-28 14:12 - 2018-05-28 14:12 - 000118542 _____ C:\Users\Jiří\Desktop\PODLAHY cn svoboda V2.xlsx
2018-05-21 16:20 - 2018-05-21 16:48 - 1212097204 _____ C:\Users\Jiří\Desktop\Já padouch 3 Cz Dabing,novinky 2017.avi
2018-05-19 21:52 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-18 08:21 - 2018-05-18 08:21 - 007197299 _____ C:\Users\Jiří\Desktop\Burza_ srozumitelne_Money_Management.pdf
2018-05-17 10:04 - 2018-05-17 10:04 - 000059049 _____ C:\Users\Jiří\Desktop\vypis-99046.pdf
2018-05-15 06:32 - 2018-05-15 06:32 - 001587099 _____ C:\Users\Jiří\Desktop\Manual_bezpecnosti_KMG.pdf
2018-05-12 11:57 - 2018-05-12 12:00 - 339646650 _____ C:\Users\Jiří\Desktop\AC KidFit Pardubice Kráska a Zvíře Kutná Hora..MP4
2018-05-12 11:56 - 2018-05-12 11:59 - 309671107 _____ C:\Users\Jiří\Desktop\AC KidFit Pardubice Kráska a Zvíře Hradec Králové.MP4
2018-05-11 08:08 - 2018-05-11 08:08 - 000111104 _____ C:\Users\Jiří\Desktop\skladove_zasoby_08-05-2018.xls
2018-05-09 18:37 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-09 18:37 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-09 18:37 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-09 18:37 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-09 18:37 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-09 18:37 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-09 18:37 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-09 18:37 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-09 18:37 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-09 18:37 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-09 18:37 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-09 18:37 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-09 18:37 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-09 18:37 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-09 18:37 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-09 18:37 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-09 18:37 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 18:37 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-09 18:37 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-09 18:37 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-09 18:37 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-09 18:37 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-09 18:37 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-09 18:37 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-09 18:37 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-09 18:37 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-09 18:37 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-09 18:37 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-09 18:37 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-09 18:37 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-09 18:37 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-09 18:37 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-09 18:37 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-09 18:37 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-09 18:37 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-09 18:37 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-09 18:37 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-09 18:37 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-09 18:37 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 18:37 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 18:37 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-09 18:37 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-09 18:37 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-09 18:37 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-09 18:37 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-09 18:37 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-09 18:37 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-09 18:37 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-09 18:37 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-09 18:37 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-09 18:37 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-09 18:37 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-09 18:37 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-09 18:37 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-09 18:37 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-09 18:37 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-09 18:37 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-09 18:37 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-09 18:37 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-09 18:37 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-09 18:37 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-09 18:37 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-09 18:37 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-09 18:37 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-09 18:37 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-09 18:37 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-09 18:37 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-09 18:37 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-09 18:37 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-09 18:37 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-09 18:37 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-09 18:37 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-09 18:37 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-09 18:37 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-09 18:37 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-09 18:37 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-09 18:37 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-09 18:37 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-09 18:37 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-09 18:37 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-09 18:37 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-09 18:37 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 18:37 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-09 18:37 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-09 18:37 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-09 18:37 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-09 18:37 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-09 18:37 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-09 18:37 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-09 18:37 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-09 18:37 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-09 18:37 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-09 18:37 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-09 18:37 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-09 18:37 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-09 18:37 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-09 18:37 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-09 18:37 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-09 18:37 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-09 18:37 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-09 18:37 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-09 18:37 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-09 18:37 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-09 18:37 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-09 18:37 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-09 18:37 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-09 18:37 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-09 18:37 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-09 18:37 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-09 18:37 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-09 18:37 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-09 18:37 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-09 18:37 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-09 18:37 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-09 18:37 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-09 18:37 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-09 18:37 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-09 18:37 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-09 18:36 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-09 18:36 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-09 18:36 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-09 18:36 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-09 18:36 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-09 18:36 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-09 18:36 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-09 18:36 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-09 18:36 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-09 18:36 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-09 18:36 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-09 18:36 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-09 18:36 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-09 18:36 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-09 18:36 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-09 18:36 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 18:36 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 18:36 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-09 18:36 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 18:36 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-09 18:36 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-09 18:36 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-09 18:36 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-09 18:36 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 18:36 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-09 18:36 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-09 18:36 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-09 18:36 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-09 18:36 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-09 18:36 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-09 18:36 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-09 18:36 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-09 18:36 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-09 18:36 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-09 18:36 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-09 18:36 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-09 18:36 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-09 18:36 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-09 18:36 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-09 18:36 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-09 18:36 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-09 18:36 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-09 18:36 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-09 18:36 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-09 18:36 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-09 18:36 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-09 18:36 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-09 18:36 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-09 18:36 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-09 18:36 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-09 18:36 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-09 18:36 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-09 18:36 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-09 18:36 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-09 18:36 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-09 18:36 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-09 18:36 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-09 18:36 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-09 18:36 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-09 18:36 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-09 18:36 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-09 18:36 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-09 18:36 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-09 18:36 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-09 18:36 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-09 18:36 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-09 18:36 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-09 18:36 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-09 18:36 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-09 18:36 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-09 18:36 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-09 18:36 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-09 18:36 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-09 18:36 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-09 18:36 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-09 18:36 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-09 18:36 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-09 18:36 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-09 18:36 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-09 18:36 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-09 18:36 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-09 18:36 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-09 18:36 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-09 18:36 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-09 18:36 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-09 18:36 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-09 18:36 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-09 18:36 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-09 18:36 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-09 18:36 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-09 18:36 - 2018-04-15 22:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-09 18:36 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-24 20:48 - 2015-01-11 08:10 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC1.DAT
2022-03-24 20:48 - 2015-01-11 08:10 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC0.DAT
2022-03-24 19:22 - 2015-01-11 08:10 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTEQEX1.DAT
2022-03-24 19:22 - 2015-01-11 08:10 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTEQEX0.DAT
2018-06-02 12:07 - 2016-07-15 00:54 - 000000000 ____D C:\FRST
2018-06-02 12:05 - 2015-11-01 09:36 - 000000000 ____D C:\Program Files\trend micro
2018-06-02 12:00 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-02 12:00 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-06-02 11:43 - 2017-12-08 09:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-02 10:02 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-02 09:59 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-02 08:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-06-02 07:43 - 2017-11-30 02:36 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-02 07:30 - 2017-12-08 10:29 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01FA28F9-C04B-4783-A9F8-762159759CC1}
2018-05-31 13:58 - 2018-03-17 11:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-25 11:39 - 2017-06-06 13:05 - 000000000 ____D C:\Users\Jiří\AppData\Local\ConnectedDevicesPlatform
2018-05-25 11:37 - 2015-07-08 17:29 - 000000000 __SHD C:\Users\Jiří\IntelGraphicsProfiles
2018-05-25 11:35 - 2017-12-08 10:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-25 11:34 - 2017-12-08 09:57 - 000000000 ____D C:\Users\Jiří
2018-05-25 11:34 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-05-23 17:09 - 2015-10-27 10:57 - 000000000 ____D C:\AdwCleaner
2018-05-21 06:52 - 2014-08-29 14:40 - 000000000 ____D C:\Program Files (x86)\Acer
2018-05-19 22:02 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-18 06:49 - 2017-12-08 10:29 - 000003468 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2018-05-18 06:49 - 2015-07-08 17:45 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-17 23:51 - 2017-12-08 10:29 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0b995bf082813
2018-05-17 23:51 - 2017-12-08 10:29 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-17 10:17 - 2015-07-10 16:41 - 000000000 ____D C:\Users\Jiří\Desktop\faktury
2018-05-16 10:40 - 2015-11-19 16:59 - 000000000 ____D C:\Users\Jiří\Desktop\podlahy
2018-05-15 21:35 - 2015-07-08 17:36 - 000000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2018-05-15 21:31 - 2014-08-29 14:40 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2018-05-15 21:24 - 2015-11-06 11:19 - 000000000 ____D C:\Users\Jiří\Desktop\filmy
2018-05-14 06:45 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-09 19:19 - 2017-12-08 10:24 - 002581362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-09 19:19 - 2017-09-30 16:31 - 001169198 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-09 19:19 - 2017-09-30 16:31 - 000274294 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-09 19:15 - 2015-09-16 14:33 - 000000000 ___RD C:\Users\Jiří\3D Objects
2018-05-09 19:15 - 2015-07-09 09:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-09 19:13 - 2017-12-08 09:49 - 000409368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-09 19:08 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-09 19:08 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-09 12:09 - 2015-07-08 22:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 12:01 - 2017-10-10 23:12 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 12:01 - 2015-07-08 22:44 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2009-03-13 13:13 - 2009-03-13 13:13 - 018447396 _____ (ZJMedia Digital Technology Ltd.) C:\Users\Jiří\AppData\Roaming\WinAVI_All_In_One_Converter.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-28 07:02

==================== End of FRST.txt ============================

[cazzo]

Addition


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Jiří (02-06-2018 12:13:05)
Running from C:\Users\Jiří\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-12-08 08:37:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2734594728-343395219-3823349460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2734594728-343395219-3823349460-503 - Limited - Disabled)
Guest (S-1-5-21-2734594728-343395219-3823349460-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2734594728-343395219-3823349460-1003 - Limited - Enabled)
Jiří (S-1-5-21-2734594728-343395219-3823349460-1001 - Administrator - Enabled) => C:\Users\Jiří
WDAGUtilityAccount (S-1-5-21-2734594728-343395219-3823349460-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3009 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3008 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aloha TriPeaks (HKLM-x32\...\WTA-d8884658-a3a3-49ff-a943-40212e268b16) (Version: 2.2.0.98 - WildTangent) Hidden
Anti-Twin (Installation 09.08.2016) (HKLM-x32\...\Anti-Twin 2016-08-09 20.56.24) (Version: - Joerg Rosenthal, Germany)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-24b3a06c-c08a-4fef-ab97-f5786467fbdf) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Botanicula (HKLM-x32\...\GOGPACKBOTANICULA_is1) (Version: 2.0.0.9 - GOG.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-e9cba4fb-692d-4cb1-a5c6-cf2bca403bf7) (Version: 3.0.2.59 - WildTangent) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1.1002 - Genesys Logic)
GL USB2.0 UVC Camera Device (HKLM-x32\...\{9897BBD8-013A-49F3-928E-866A59B6E00C}) (Version: 15.12.14.0 - GenesysLogic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-60ccfa3a-ad79-430e-bd63-9726dd1a1a21) (Version: 3.0.2.59 - WildTangent) Hidden
HappyFoto DESIGNER 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-4b26b522-b2d1-4d31-9c4c-2ab3fae7cea7) (Version: 3.0.2.59 - WildTangent) Hidden
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
King Oddball (HKLM-x32\...\WTA-b397ffa3-81c6-4ff6-a7ef-8f0fb8044da0) (Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (HKLM-x32\...\WTA-ef0dbeb0-374e-40e5-a39b-e652d0cb29fe) (Version: 2.2.0.98 - WildTangent) Hidden
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Magic Academy (HKLM-x32\...\WTA-edfa565e-d176-46f3-854d-52fda73a3950) (Version: 2.2.0.98 - WildTangent) Hidden
Machinarium (HKLM-x32\...\Machinarium) (Version: CZ/14.02.2010 - Amanita Design, s.r.o.)
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
ObjectDock Plus (HKLM-x32\...\ObjectDock Plus2.01) (Version: 2.01 - Stardock Corporation)
Peggle Nights (HKLM-x32\...\WTA-cf3728f0-56b8-4ebb-a9c1-369c097ecfee) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-609a45e7-50b1-48d6-994f-cc4e668152a5) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-b3de6d7e-a89c-4b32-9727-7870aae0882f) (Version: 3.0.2.59 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.816.818.061114 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.213.243 - REALTEK Semiconductor Corp.)
Samorost 3 (HKLM-x32\...\1452686647_is1) (Version: 2.0.0.4 - GOG.com)
SketchUp 2015 (HKLM\...\{6496C7D3-51A9-48BC-8524-BEAEDD827791}) (Version: 15.0.9350 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-7c444bfc-466c-4cfb-a8b2-07e761aba589) (Version: 3.0.2.51 - WildTangent) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trinklit Supreme (HKLM-x32\...\WTA-6123a031-cd2e-439a-9287-da7f3ac6e189) (Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.13 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Xerox Phaser 3020 XPS (Windows 8) (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows 8)) (Version: 3.03.13.02:11 - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )
Zuma's Revenge (HKLM-x32\...\WTA-b549525d-72f6-43a5-8bdc-de87d24eefe0) (Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2734594728-343395219-3823349460-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2015-01-28] (ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] ()
ContextMenuHandlers1-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2015-01-28] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers3-x32: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2015-01-28] (ESET)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] ()
ContextMenuHandlers6-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0024B7CD-B998-4205-BEA4-AD91C027412E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {123C1691-7C39-408F-94C2-1721172BA06C} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-03-05] ()
Task: {16CADA61-ABBF-4F41-9888-BCAA635E5CF9} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {194E1671-A152-40CC-8679-8426A47F9797} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {445A8771-9C2E-4C68-872B-E657BEB15C93} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe [2018-05-03] (ESET)
Task: {5231895E-E9F0-419A-9440-8A749DC79D8C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {52A242A9-C69B-4936-983C-96559C3E9BE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {65D42460-89C9-4910-B917-775C34DE562D} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {672B1260-0286-4BAA-8D10-1C63CE436E73} - System32\Tasks\GoogleUpdateTaskMachineUA1d0b995bf082813 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-08] (Google Inc.)
Task: {6A4D2AF2-3551-4E6C-A56A-F69C4BC7494C} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {6C6C3050-2846-418D-B912-083C76DF499A} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {72E655E7-5E91-44CC-B573-EAE47EC4C343} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {73B94ECB-4EA7-4DD7-8598-6A673A699B0D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7591762E-C410-41E1-A1FF-28249A7D40D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-08] (Google Inc.)
Task: {791B621A-4D78-4524-9974-0F548AB86718} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {80258CCD-1038-4F6E-BAD3-76763F171CFC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {8CE25B6B-D78A-48E6-9814-BEDB4907328C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {94474833-CE4E-49F2-A2BD-77259DBCF273} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-08] (Google Inc.)
Task: {9AE1F2EF-A97E-490F-8F01-11BEA0E12D70} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9DE62D6B-9329-40F3-AE46-7A98ACC9E18C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {A1D39E1E-77AA-4EFA-B744-4EF574C47D02} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A2400B58-E403-4DE0-A49C-AF5C4407A117} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A368C537-BDAF-4CAE-8B2B-F64F18E251F0} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {A46AF1C4-9D26-4982-B589-A82BDA90E9E1} - \WPD\SqmUpload_S-1-5-21-2734594728-343395219-3823349460-1001 -> No File <==== ATTENTION
Task: {A6E10883-F4A2-4825-8369-F262C7A8E81A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-30] ()
Task: {B4FE837E-8CB0-43D7-AFE8-CD8EECF474FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BCCAB4CB-E7B2-4CFC-BBA8-B547E84236B5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BCDB2DDA-FF11-417F-9542-717506F63476} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {D15360E3-2617-4113-87F0-2491DD1F6E92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D2ABABAC-3A02-4474-8429-62FB550DFC23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D331AF12-A38E-42DF-BF2F-ABBBBD545D2D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E5650C02-491A-4F1D-8859-8A242E19E9FB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F2069A50-D39C-43AB-BFE2-E6BBD8A0EA6D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-22 15:48 - 2013-12-10 11:43 - 000034304 _____ () C:\WINDOWS\System32\sxj2mlm.dll
2014-08-29 14:43 - 2012-04-24 12:43 - 000254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-11-12 01:49 - 2011-11-12 01:49 - 000730624 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.dll
2014-08-29 14:47 - 2014-07-01 23:13 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-01-11 08:02 - 2014-03-05 10:49 - 000053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2018-03-13 23:45 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-13 23:45 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-28 18:21 - 2017-09-28 18:21 - 001769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-05-25 16:27 - 2011-11-28 11:44 - 000069632 _____ () C:\Program Files (x86)\GLPCCamera\monitorpad.exe
2012-03-09 10:58 - 2012-03-09 10:58 - 000462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 10:58 - 2012-03-09 10:58 - 000057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2017-09-22 16:14 - 2017-09-22 16:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 16:17 - 2017-09-22 16:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 16:17 - 2017-09-22 16:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 16:16 - 2017-09-22 16:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-12-08 10:03 - 2017-12-08 10:03 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 13:35 - 2017-09-26 13:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 13:34 - 2017-09-26 13:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2011-11-12 01:49 - 2011-11-12 01:49 - 000626688 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\DockShellHook.dll
2011-08-11 22:12 - 2011-08-11 22:12 - 000807936 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\CrashRpt.dll
2011-08-11 22:12 - 2011-08-11 22:12 - 000053760 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\zlib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-09-29 10:14 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2734594728-343395219-3823349460-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jiří\Desktop\general_lee_by_apacz-d329z39.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\StartupApproved\StartupFolder: => "Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk"
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7828127F1A53D39B6B999E302F8D13D8"
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{35BB169D-F417-4DA6-9680-1C1B71F5D292}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3ECEC6F6-3BA0-4220-BA40-F71193663EBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FDB64A06-5FE8-446C-BE70-5DF9184AAFFF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{F02555BB-78D5-4FE0-A918-FDA448E326C2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{1AF0556E-0C62-480D-9168-0C0195380877}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{40FEB7DE-72A8-4E4A-A51A-39A01FA90657}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{D60F86D8-10BF-48A1-8DFB-7B5118701A35}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{DB679FAE-794D-47C8-B730-D0B88DA9F171}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C1765A33-D86B-4BC7-AAEC-4F29465AE640}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{510CE7AF-BA93-4FA9-85CC-A72DD68E0694}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{02564043-D309-4267-A65C-360F3236E4F3}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C5860471-9E72-4C62-95E4-BF0C20D62A2A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{79304971-11DB-4294-BBCF-F4637667643F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{1783CC7A-F790-4BEA-9628-00B446DFC7FA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{3776A2D7-F7A7-4718-BE3E-0B93839BA5BF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{1C69B0ED-1D28-4B80-B3C8-F573655D097C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{CABC2898-5851-40FE-9743-47815501E778}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{11D05BA7-3C42-453C-9018-668173B63DBA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{B5D0D322-88CC-4CA5-9494-D00CC758E40D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{8EB7D356-7A9B-47C2-A058-CD5615ED8E93}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{EF9FCF53-55CD-4780-A309-F2024F48486B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{A269BE1F-E2E2-4544-9CA4-58904006C706}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{49B848D9-5BBE-46F4-88DE-17D85B05BE11}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{1B69453D-28FE-4599-8C59-A91360EE7E43}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{E11403B9-6985-44D5-89FD-A0CB06941354}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{66D84AB7-4C65-4D15-9154-47E85C4FE613}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{5E4BDF43-1BFD-4793-8CEA-81CCADA99661}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{001F3E03-004B-43A8-9B86-CDE2624D4CB2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{78760D68-C9AF-4672-9521-9927C8161AF5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{31D6E8B4-FAAF-439C-AE74-C9543580AEEF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{CE478840-1BB3-493F-9D28-92DF9C803C23}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{073D4D50-1688-4F10-B771-6A3CA05734CC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{3225E7C0-BADC-4291-9507-333D63C386D2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{A13B0531-1D19-4C0F-A390-B1895B85A5AD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{57A19041-AB75-4704-A607-38EB3B41FA80}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{8B2C2BDB-18DD-4437-9A9F-18F3356CADE7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{11FED678-36A8-4F75-98A9-AD8FFFDC0A99}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{BF70DB2F-2ABD-45BE-9053-25276F8BF699}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{4286B8C2-B2C2-4B62-AF6B-1F3B678CD856}] => (Allow) LPort=1900
FirewallRules: [{A1738748-84CE-4BE8-9AF4-FB9F9DA11F15}] => (Allow) LPort=2869
FirewallRules: [{CC6C8559-852D-4E63-BA5B-24F9EA13EBB9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DF73818D-6B99-4C3E-B6AF-24466EAD4112}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CC780E66-0E13-4587-9ABA-7107F6811C2D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5C4C0C0A-F873-4BE7-853E-329E668D5265}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{835964D5-0C4B-4618-83E6-258EEC51CBED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C1EE11B5-E62A-47D3-93B0-09B9C3E61DE1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E7481793-995D-45A6-A373-0255B69C2944}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{532ED3D6-819E-4B5C-9C42-C2226D7F017E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A93C90E2-4637-4954-A0D8-92C577F29912}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{C248263F-5F85-43BA-B3F0-5E1B5C30538E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E4463AB9-4DF8-447B-A906-410698A7EEAA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{74284651-902D-433D-9336-39FFCCF176D5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D894535B-5F8B-4F12-8D06-101536B8AD96}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{342632F5-BCAA-48E1-8EF0-249C915A5A1E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EAF02D7E-E5EC-43A3-BC6A-78E147D46A9A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9C7FEA45-DDE1-4BC2-AD3B-C38D83605483}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{89BA57E2-87A0-4935-94BD-85E7A68A2C82}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{71A3436F-00E4-4A45-826C-13B7AAFB470D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{24EE5A7F-C8C7-4E66-B15A-679EC151F05B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0932FD75-0089-427E-B38B-246A51570343}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{45D85427-93AD-4C82-9FEE-060989E059AA}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{601B3809-DACA-4711-B108-58E334B1A937}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F228ABF0-8752-499A-AA33-44A0B912667B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F16F2B15-2B62-4578-8359-B35631C183A8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{03598547-79D7-4A32-8D9F-22B5F8085A19}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E989BC44-EDED-43ED-B673-B2EE7B281A64}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E26B1ED0-AF93-4AFE-8D0D-6E1D7058C536}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{69B4F9C9-8E9D-4C17-8BA6-3631781AAB58}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8082EB6D-7F9F-4842-AE14-5CFF941C9560}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{029A0B76-23E9-4D2B-883D-D165419341BD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{0FAB8CAD-30E5-4B1C-84DE-22DA5D9694D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{B6AA2687-06C2-42B4-8F26-6ED11399628F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{8FF4F836-E6BD-4FD1-83D0-5EDDAFC14352}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7A23EAF7-C5C9-43D3-9A69-02ECFD61C463}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{180A7452-3A5F-4169-95A4-790F72E4C065}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{04970D25-C851-4372-ADC7-DE30C6BAE5DF}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{D75D7061-37C1-4A87-9B02-18050FC057B2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{8FFD7BBB-0009-47A2-97CF-748B6035F31B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7545002E-41DD-4141-9441-FE145C4886B6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F63B0517-E2DE-425B-AE55-EE4F78A4809B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{DFE963E3-D114-48A6-84CE-D26E132A9399}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4703E519-AF36-40D1-8A21-032538E7F0BB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{6B0982E2-B7CF-4ABB-A6CB-B757A20780E3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{7567631B-D0C1-43F3-97D7-63267B78BB8B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EF166C6C-4DF4-408A-99E8-D43862DF7787}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{63B78E1B-0830-4A97-BB5F-CD61A92AB156}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{27DBC32E-F8FA-46A9-BF20-F550E0140BED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F22DCBE4-7C44-491E-827E-AC5802CD2A61}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B2E93C1B-8F99-4C89-A66D-436E752E6CFE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{5E496B72-69CC-43D2-BF4F-7282BD3B448A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1B49AB93-2067-4399-8EF8-B654A887724F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5D38390B-CC21-4441-A490-67FB45FA3C73}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A15F5486-BC19-4FE5-BE85-F159920D484A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FD6D2835-1507-495F-BED1-30CD70EBBDB6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{BA58ADF1-DAF7-4C5E-AC60-1AFBA36C34D4}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A7F7E79E-2822-4058-81DF-F8E83EF2E5A6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{5657EAD9-AEF1-41E7-A882-9CFBF90BFE13}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{CEE07C8A-B64B-490E-9224-196BCB1B3150}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{F41DCE75-001A-41BC-BA52-D3EEFDC55AE6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{BF3A8AD9-F900-4A70-B3A5-C443E77EA9E7}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{F0952DDD-380B-4542-834F-23A8C2C15814}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{AEB7D726-CEA7-4C2C-89D2-478A0C034368}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{38116F41-DA8C-4C66-86E0-16C4EEF9BDBE}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{746E85FD-8DE5-4F52-8E84-A1917F5A5187}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{743E02A0-470F-420A-8E22-899AC641364C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{F93F34B2-1136-462E-8EB2-5CBF20A48314}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7A2C85C2-E746-4811-A4D2-9CA88AE02EB0}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5B01B75D-BEAA-4A2B-91DB-D9770A2179F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

09-05-2018 11:55:14 Windows Update
19-05-2018 22:00:43 Windows Update
02-06-2018 08:55:00 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2018 12:16:33 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/02/2018 12:16:28 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/02/2018 12:16:23 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/02/2018 12:16:18 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/02/2018 12:16:13 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/02/2018 12:16:08 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/02/2018 12:16:03 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/02/2018 12:15:58 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (06/02/2018 11:44:57 AM) (Source: DCOM) (EventID: 10016) (User: NOTEBOOK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli notebook\Jiří (SID: S-1-5-21-2734594728-343395219-3823349460-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/02/2018 10:17:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200d): Aktualizace funkcí na Windows 10, verze 1803.

Error: (06/02/2018 10:05:53 AM) (Source: DCOM) (EventID: 10016) (User: NOTEBOOK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli notebook\Jiří (SID: S-1-5-21-2734594728-343395219-3823349460-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/02/2018 10:04:21 AM) (Source: DCOM) (EventID: 10016) (User: NOTEBOOK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli notebook\Jiří (SID: S-1-5-21-2734594728-343395219-3823349460-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/02/2018 09:34:35 AM) (Source: DCOM) (EventID: 10016) (User: NOTEBOOK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli notebook\Jiří (SID: S-1-5-21-2734594728-343395219-3823349460-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/02/2018 08:42:00 AM) (Source: DCOM) (EventID: 10010) (User: NOTEBOOK)
Description: Server microsoft.windowscommunicationsapps_17.9126.21785.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/02/2018 08:35:58 AM) (Source: DCOM) (EventID: 10016) (User: NOTEBOOK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli notebook\Jiří (SID: S-1-5-21-2734594728-343395219-3823349460-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/02/2018 07:45:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-05-29 14:25:21.809
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {561C8A21-D66D-4522-AE9A-23E655D2F7C0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-05-28 07:04:46.512
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {42E25D4F-B075-4F88-8012-BE871EE0179C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-05-23 07:22:31.830
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Comine.A!bat
ID: 2147684070
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jiří\AppData\Roaming\Adobe\Flash Player\File Cache\hddef.bat
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
Verze podpisu: AV: 1.267.1795.0, AS: 1.267.1795.0, NIS: 1.267.1795.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-23 07:15:35.734
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Comine.A!bat
ID: 2147684070
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jiří\AppData\Roaming\Adobe\Flash Player\File Cache\hddef.bat
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
Verze podpisu: AV: 1.267.1795.0, AS: 1.267.1795.0, NIS: 1.267.1795.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-23 07:15:30.353
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Comine.A!bat
ID: 2147684070
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jiří\AppData\Roaming\Adobe\Flash Player\File Cache\hddef.bat
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
Verze podpisu: AV: 1.267.1795.0, AS: 1.267.1795.0, NIS: 1.267.1795.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-28 14:01:04.472
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2018-05-28 08:52:55.204
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2018-05-26 16:54:32.083
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2018-05-25 18:40:42.236
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2018-05-25 11:54:46.139
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.69.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x80240016
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-06-02 12:13:27.536
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-02 12:13:27.532
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-02 11:58:26.293
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-02 11:58:26.289
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-02 11:43:31.188
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-02 11:43:31.184
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-02 11:43:26.808
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-02 11:43:26.801
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 64%
Total physical RAM: 3977.7 MB
Available physical RAM: 1430.91 MB
Total Virtual: 5449.7 MB
Available Virtual: 1950.68 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.07 GB) (Free:145.96 GB) NTFS

\\?\Volume{fc79652d-5f16-4e0e-8e0d-44ebfaa2dede}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{294011b8-0190-4e36-b639-cb4a88f5fdb9}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
\\?\Volume{dc0f015b-eb2d-4edd-b55e-bcf2eab8b1eb}\ (Push Button Reset) (Fixed) (Total:15.68 GB) (Free:2.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F44F442E)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[cazzo]

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-06-01.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-02-2018
# Duration: 00:00:25
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6200dada-bab8-40d5-8090-bf20c0c5aef4}|DhcpNameServer - "77.236.192.130"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{412e878e-6a9e-4d1d-9b74-092ee66db1d1}|DhcpNameServer - "77.236.192.130"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|DhcpNameServer - "77.236.192.130"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{935d8d6d-fad2-4d8a-a83b-7bc21b78c9ba}|DhcpNameServer - "40.32.1.66"

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

[cazzo]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jiří (administrator) on NOTEBOOK (02-06-2018 17:09:47)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\GLPCCamera\monitorpad.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe
(Microsoft) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDockTray.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [GLSystray] => C:\Program Files (x86)\GLPCCamera\monitorpad.exe [69632 2011-11-28] ()
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\MountPoints2: {63cd647d-57f0-11e7-82ec-2c600c46abdc} - "E:\Lenovo_Suite.exe"
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2015-07-08]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{412e878e-6a9e-4d1d-9b74-092ee66db1d1}: [DhcpNameServer] 77.236.192.150
Tcpip\..\Interfaces\{6200dada-bab8-40d5-8090-bf20c0c5aef4}: [DhcpNameServer] 77.236.192.130 77.236.192.150

Internet Explorer:
==================
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2734594728-343395219-3823349460-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2734594728-343395219-3823349460-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2016-01-03] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.idnes.cz/
CHR StartupUrls: Default -> "hxxp://www.idnes.cz/","hxxp://www.google.com/"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default [2018-06-02]
CHR Extension: (Prezentace) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-29]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-29]
CHR Extension: (Tabulky) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-29]
CHR Extension: (AdBlock) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-24]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2018-04-06]
CHR Extension: (EasyHome Homestyler) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2017-05-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-02]
CHR Extension: (Bubble Shooter\r\n) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmeobdehlajlhbpcmodgllgfmblpjflc [2016-09-29]
CHR Extension: (Dark Violet) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjfmdhgadolaidlgcbdjbmjnkidlmdj [2017-03-29]
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-06-02]
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile [2018-06-02]
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-15]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-15]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2016-01-03] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [173384 2014-04-08] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
S3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3468032 2015-12-14] (Windows (R) Codename Longhorn DDK provider)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-26] (Malwarebytes)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [615728 2016-01-15] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [4175104 2015-06-11] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-02 14:12 - 2018-06-02 14:12 - 000001842 _____ C:\Users\Jiří\Desktop\AdwCleaner[S00pred_cistenim].txt
2018-06-02 14:07 - 2018-06-02 14:07 - 007271632 _____ (Malwarebytes) C:\Users\Jiří\Desktop\adwcleaner_7.1.1.exe
2018-06-02 12:13 - 2018-06-02 12:16 - 000057054 _____ C:\Users\Jiří\Desktop\Addition.txt
2018-06-02 12:07 - 2018-06-02 17:13 - 000015999 _____ C:\Users\Jiří\Desktop\FRST.txt
2018-06-02 11:55 - 2018-06-02 11:55 - 002413056 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2018-06-02 11:53 - 2018-06-02 11:53 - 001329152 _____ C:\Users\Jiří\Desktop\RSITx64.exe
2018-06-02 07:42 - 2018-06-02 07:43 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-28 14:12 - 2018-05-28 14:12 - 000118542 _____ C:\Users\Jiří\Desktop\PODLAHY cn svoboda V2.xlsx
2018-05-21 16:20 - 2018-05-21 16:48 - 1212097204 _____ C:\Users\Jiří\Desktop\Já padouch 3 Cz Dabing,novinky 2017.avi
2018-05-19 21:52 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-18 08:21 - 2018-05-18 08:21 - 007197299 _____ C:\Users\Jiří\Desktop\Burza_ srozumitelne_Money_Management.pdf
2018-05-17 10:04 - 2018-05-17 10:04 - 000059049 _____ C:\Users\Jiří\Desktop\vypis-99046.pdf
2018-05-15 06:32 - 2018-05-15 06:32 - 001587099 _____ C:\Users\Jiří\Desktop\Manual_bezpecnosti_KMG.pdf
2018-05-12 11:57 - 2018-05-12 12:00 - 339646650 _____ C:\Users\Jiří\Desktop\AC KidFit Pardubice Kráska a Zvíře Kutná Hora..MP4
2018-05-12 11:56 - 2018-05-12 11:59 - 309671107 _____ C:\Users\Jiří\Desktop\AC KidFit Pardubice Kráska a Zvíře Hradec Králové.MP4
2018-05-11 08:08 - 2018-05-11 08:08 - 000111104 _____ C:\Users\Jiří\Desktop\skladove_zasoby_08-05-2018.xls
2018-05-09 18:37 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-09 18:37 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-09 18:37 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-09 18:37 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-09 18:37 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-09 18:37 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-09 18:37 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-09 18:37 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-09 18:37 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-09 18:37 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-09 18:37 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-09 18:37 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-09 18:37 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-09 18:37 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-09 18:37 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-09 18:37 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-09 18:37 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 18:37 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-09 18:37 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-09 18:37 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-09 18:37 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-09 18:37 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-09 18:37 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-09 18:37 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-09 18:37 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-09 18:37 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-09 18:37 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-09 18:37 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-09 18:37 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-09 18:37 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-09 18:37 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-09 18:37 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-09 18:37 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-09 18:37 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-09 18:37 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-09 18:37 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-09 18:37 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-09 18:37 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-09 18:37 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 18:37 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 18:37 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-09 18:37 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-09 18:37 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-09 18:37 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-09 18:37 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-09 18:37 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-09 18:37 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-09 18:37 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-09 18:37 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-09 18:37 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-09 18:37 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-09 18:37 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-09 18:37 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-09 18:37 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-09 18:37 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-09 18:37 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-09 18:37 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-09 18:37 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-09 18:37 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-09 18:37 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-09 18:37 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-09 18:37 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-09 18:37 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-09 18:37 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-09 18:37 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-09 18:37 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-09 18:37 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-09 18:37 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-09 18:37 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-09 18:37 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-09 18:37 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-09 18:37 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-09 18:37 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-09 18:37 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-09 18:37 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-09 18:37 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-09 18:37 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-09 18:37 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-09 18:37 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-09 18:37 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-09 18:37 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-09 18:37 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-09 18:37 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-09 18:37 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 18:37 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-09 18:37 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-09 18:37 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-09 18:37 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-09 18:37 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-09 18:37 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-09 18:37 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-09 18:37 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-09 18:37 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-09 18:37 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-09 18:37 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-09 18:37 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-09 18:37 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-09 18:37 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-09 18:37 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-09 18:37 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-09 18:37 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-09 18:37 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-09 18:37 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-09 18:37 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-09 18:37 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-09 18:37 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-09 18:37 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-09 18:37 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-09 18:37 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-09 18:37 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-09 18:37 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-09 18:37 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-09 18:37 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-09 18:37 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-09 18:37 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-09 18:37 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-09 18:37 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-09 18:37 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-09 18:37 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-09 18:37 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-09 18:37 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-09 18:37 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-09 18:37 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-09 18:37 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-09 18:37 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-09 18:37 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-09 18:37 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-09 18:37 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-09 18:37 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-09 18:36 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-09 18:36 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-09 18:36 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-09 18:36 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-09 18:36 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-09 18:36 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-09 18:36 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-09 18:36 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-09 18:36 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-09 18:36 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-09 18:36 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-09 18:36 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-09 18:36 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-09 18:36 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-09 18:36 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-09 18:36 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 18:36 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 18:36 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-09 18:36 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 18:36 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-09 18:36 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-09 18:36 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-09 18:36 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-09 18:36 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-09 18:36 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 18:36 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-09 18:36 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-09 18:36 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-09 18:36 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-09 18:36 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-09 18:36 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-09 18:36 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-09 18:36 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-09 18:36 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-09 18:36 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-09 18:36 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-09 18:36 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-09 18:36 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-09 18:36 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-09 18:36 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-09 18:36 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-09 18:36 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-09 18:36 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-09 18:36 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-09 18:36 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-09 18:36 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-09 18:36 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-09 18:36 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-09 18:36 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-09 18:36 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-09 18:36 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-09 18:36 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-09 18:36 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-09 18:36 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-09 18:36 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-09 18:36 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-09 18:36 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-09 18:36 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-09 18:36 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-09 18:36 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-09 18:36 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-09 18:36 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-09 18:36 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-09 18:36 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-09 18:36 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-09 18:36 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-09 18:36 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-09 18:36 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-09 18:36 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-09 18:36 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-09 18:36 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-09 18:36 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-09 18:36 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-09 18:36 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-09 18:36 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-09 18:36 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-09 18:36 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-09 18:36 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-09 18:36 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-09 18:36 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-09 18:36 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-09 18:36 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-09 18:36 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-09 18:36 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-09 18:36 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-09 18:36 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-09 18:36 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-09 18:36 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-09 18:36 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 18:36 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-09 18:36 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-09 18:36 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-09 18:36 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-09 18:36 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-09 18:36 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-09 18:36 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-09 18:36 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-09 18:36 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-09 18:36 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-09 18:36 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-09 18:36 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-09 18:36 - 2018-04-15 22:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-09 18:36 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-24 20:48 - 2015-01-11 08:10 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC1.DAT
2022-03-24 20:48 - 2015-01-11 08:10 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC0.DAT
2022-03-24 19:22 - 2015-01-11 08:10 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTEQEX1.DAT
2022-03-24 19:22 - 2015-01-11 08:10 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTEQEX0.DAT
2018-06-02 17:09 - 2016-07-15 00:54 - 000000000 ____D C:\FRST
2018-06-02 17:05 - 2017-12-08 09:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-02 15:54 - 2017-11-30 02:36 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-02 14:32 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-06-02 14:24 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-02 14:23 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-02 14:18 - 2017-06-06 13:05 - 000000000 ____D C:\Users\Jiří\AppData\Local\ConnectedDevicesPlatform
2018-06-02 14:17 - 2015-07-08 17:29 - 000000000 __SHD C:\Users\Jiří\IntelGraphicsProfiles
2018-06-02 14:14 - 2017-12-08 10:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-02 14:13 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-06-02 14:11 - 2017-12-08 10:29 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01FA28F9-C04B-4783-A9F8-762159759CC1}
2018-06-02 14:10 - 2015-10-27 10:57 - 000000000 ____D C:\AdwCleaner
2018-06-02 12:05 - 2015-11-01 09:36 - 000000000 ____D C:\Program Files\trend micro
2018-06-02 12:00 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-02 12:00 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-31 13:58 - 2018-03-17 11:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-25 11:34 - 2017-12-08 09:57 - 000000000 ____D C:\Users\Jiří
2018-05-21 06:52 - 2014-08-29 14:40 - 000000000 ____D C:\Program Files (x86)\Acer
2018-05-19 22:02 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-18 06:49 - 2017-12-08 10:29 - 000003468 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2018-05-18 06:49 - 2015-07-08 17:45 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-17 23:51 - 2017-12-08 10:29 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0b995bf082813
2018-05-17 23:51 - 2017-12-08 10:29 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-17 10:17 - 2015-07-10 16:41 - 000000000 ____D C:\Users\Jiří\Desktop\faktury
2018-05-16 10:40 - 2015-11-19 16:59 - 000000000 ____D C:\Users\Jiří\Desktop\podlahy
2018-05-15 21:35 - 2015-07-08 17:36 - 000000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2018-05-15 21:31 - 2014-08-29 14:40 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2018-05-15 21:24 - 2015-11-06 11:19 - 000000000 ____D C:\Users\Jiří\Desktop\filmy
2018-05-14 06:45 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-09 19:19 - 2017-12-08 10:24 - 002581362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-09 19:19 - 2017-09-30 16:31 - 001169198 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-09 19:19 - 2017-09-30 16:31 - 000274294 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-09 19:15 - 2015-09-16 14:33 - 000000000 ___RD C:\Users\Jiří\3D Objects
2018-05-09 19:15 - 2015-07-09 09:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-09 19:13 - 2017-12-08 09:49 - 000409368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-09 19:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-09 19:08 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-09 19:08 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-09 12:09 - 2015-07-08 22:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 12:01 - 2017-10-10 23:12 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 12:01 - 2015-07-08 22:44 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2009-03-13 13:13 - 2009-03-13 13:13 - 018447396 _____ (ZJMedia Digital Technology Ltd.) C:\Users\Jiří\AppData\Roaming\WinAVI_All_In_One_Converter.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-28 07:02

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\MountPoints2: {63cd647d-57f0-11e7-82ec-2c600c46abdc} - "E:\Lenovo_Suite.exe"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0b995bf082813
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[cazzo]

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.06.2018
Ran by Jiří (02-06-2018 18:32:11) Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2734594728-343395219-3823349460-1001\...\MountPoints2: {63cd647d-57f0-11e7-82ec-2c600c46abdc} - "E:\Lenovo_Suite.exe"
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0b995bf082813
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2734594728-343395219-3823349460-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cd647d-57f0-11e7-82ec-2c600c46abdc}" => removed successfully
HKLM\Software\Classes\CLSID\{63cd647d-57f0-11e7-82ec-2c600c46abdc} => not found
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0b995bf082813 => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75175222 B
Java, Flash, Steam htmlcache => 523 B
Windows/system/drivers => 3272662 B
Edge => 305 B
Chrome => 391401983 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => -464 B
NetworkService => 1874 B
Jiří => 9151871 B

RecycleBin => 2593870 B
EmptyTemp: => 468.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:33:06 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[cazzo]

zatím se to tváří dobře, uvidím, nezlobilo to pořád, jen občas, tak se ukáže. Velmi děkuji za pomoc a ochotu a posílám drobný příspěvek na provoz fóra. Mějte se.

[Rudy]

Za příspěvek děkujeme a vy nemáte zač!